On Fri, 2015-10-23 at 17:49 +0000, Kevin Smith wrote:
> Correct a null pointer dereference in board_nand_init(). Zeroed
> memory was allocated, then immediately dereferenced, which is a
> null dereference. The dereference is completely removed, since
> this pointer is later initialized in alloc_nand_resources.
>
> The allocation size is reduced from what was introduced from the
> Linux kernel, as U-boot uses the statically allocated nand_info
> instead of needing to dynamically allocate an mtd_info instance.
>
> Also, some pointer math was corrected in the initialization of
> the nand_chip pointer.
>
> Signed-off-by: Kevin Smith <kevin.sm...@elecsyscorp.com>
> Cc: Stefan Roese <s...@denx.de>
> Cc: Luka Perkov <luka.per...@sartura.hr>
> Cc: Scott Wood <scottw...@freescale.com>
> ---
> drivers/mtd/nand/pxa3xx_nand.c | 17 +++++------------
> 1 file changed, 5 insertions(+), 12 deletions(-)
>
> diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c
> index 1565a9a..e5ea5c2 100644
> --- a/drivers/mtd/nand/pxa3xx_nand.c
> +++ b/drivers/mtd/nand/pxa3xx_nand.c
> @@ -1486,8 +1486,8 @@ static int alloc_nand_resource(struct
> pxa3xx_nand_info *info)
> info->variant = pxa3xx_nand_get_variant();
> for (cs = 0; cs < pdata->num_cs; cs++) {
> mtd = &nand_info[cs];
> - chip = (struct nand_chip *)info +
> - sizeof(struct pxa3xx_nand_host);
> + chip = (struct nand_chip *)
> + ((u8 *)&info[1] + sizeof(*host) * cs);
Yuck. Could you please rework this driver to not play games with pointers
and one giant allocation? Why can't this function allocate each region it
needs separately?
-Scott
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
