From 54841ab50c20d6fa6c9cc3eb826989da3a22d934 Mon Sep 17 00:00:00 2001 From: Wolfgang Denk Date: Mon, 28 Jun 2010 22:00:46 +0200 Subject: Make sure that argv[] argument pointers are not modified. The hush shell dynamically allocates (and re-allocates) memory for the argument strings in the "char *argv[]" argument vector passed to commands. Any code that modifies these pointers will cause serious corruption of the malloc data structures and crash U-Boot, so make sure the compiler can check that no such modifications are being done by changing the code into "char * const argv[]". This modification is the result of debugging a strange crash caused after adding a new command, which used the following argument processing code which has been working perfectly fine in all Unix systems since version 6 - but not so in U-Boot: int main (int argc, char **argv) { while (--argc > 0 && **++argv == '-') { /* ====> */ while (*++*argv) { switch (**argv) { case 'd': debug++; break; ... default: usage (); } } } ... } The line marked "====>" will corrupt the malloc data structures and usually cause U-Boot to crash when the next command gets executed by the shell. With the modification, the compiler will prevent this with an error: increment of read-only location '*argv' N.B.: The code above can be trivially rewritten like this: while (--argc > 0 && **++argv == '-') { char *arg = *argv; while (*++arg) { switch (*arg) { ... Signed-off-by: Wolfgang Denk Acked-by: Mike Frysinger --- common/cmd_elf.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'common/cmd_elf.c') diff --git a/common/cmd_elf.c b/common/cmd_elf.c index 63f6fe7a1fc..104d6e68b3c 100644 --- a/common/cmd_elf.c +++ b/common/cmd_elf.c @@ -29,7 +29,8 @@ unsigned long load_elf_image (unsigned long addr); /* Allow ports to override the default behavior */ __attribute__((weak)) -unsigned long do_bootelf_exec (ulong (*entry)(int, char *[]), int argc, char *argv[]) +unsigned long do_bootelf_exec (ulong (*entry)(int, char * const[]), + int argc, char * const argv[]) { unsigned long ret; @@ -56,7 +57,7 @@ unsigned long do_bootelf_exec (ulong (*entry)(int, char *[]), int argc, char *ar /* ====================================================================== * Interpreter command to boot an arbitrary ELF image from memory. * ====================================================================== */ -int do_bootelf (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) +int do_bootelf (cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { unsigned long addr; /* Address of the ELF image */ unsigned long rc; /* Return value from user code */ @@ -93,7 +94,7 @@ int do_bootelf (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) * be either an ELF image or a raw binary. Will attempt to setup the * bootline and other parameters correctly. * ====================================================================== */ -int do_bootvx (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) +int do_bootvx (cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { unsigned long addr; /* Address of image */ unsigned long bootaddr; /* Address to put the bootline */ -- cgit v1.2.3