authorCarl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>2011-02-04 22:52:04 +0000
committerCarl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>2011-02-04 22:52:04 +0000
commit146b77d77778a0dadb7e5ad5c9d1d0e9dde3fc9c (patch)
tree43cbc163c84812a0c51daf8ff1141e0d024375b0
parent9a1105cffffce126a8c7c4a98d24e6b92d86e817 (diff)
Improve debugging for unaligned erase in the flash chip emulator
Fix out-of-bounds access for chip erase in the flash chip emulator. Corresponding to flashrom svn r1259. Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net> Acked-by: David Hendricks <dhendrix@google.com>
-rw-r--r--dummyflasher.c18
1 files changed, 6 insertions, 12 deletions
diff --git a/dummyflasher.c b/dummyflasher.c
index 473e45e..d818a84 100644
--- a/dummyflasher.c
+++ b/dummyflasher.c
@@ -395,7 +395,7 @@ static int emulate_spi_chip_response(unsigned int writecnt, unsigned int readcnt
}
offs = writearr[1] << 16 | writearr[2] << 8 | writearr[3];
if (offs & (emu_jedec_se_size - 1))
- msg_pdbg("Unaligned SECTOR ERASE 0x20\n");
+ msg_pdbg("Unaligned SECTOR ERASE 0x20: 0x%x\n", offs);
offs &= ~(emu_jedec_se_size - 1);
memset(flashchip_contents + offs, 0xff, emu_jedec_se_size);
break;
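Review bot: The `memset` after the alignment mask still writes `emu_jedec_se_size` bytes at `flashchip_contents + offs` with no visible check that the 24-bit address assembled from `writearr[1..3]` lies inside the emulated chip. Unless a bound is enforced outside this hunk, and assuming the buffer is `emu_chip_size` bytes as the chip-erase comment further down suggests, an address beyond the chip size makes the emulator write past its buffer. A guard after the mask would close that: `if (offs + emu_jedec_se_size > emu_chip_size) { msg_perr("SECTOR ERASE 0x20 out of range: 0x%x\n", offs); return 1; }`. The same applies to the BLOCK ERASE 0x52 and 0xd8 hunks with their respective sizes. The enclosing switch case starts before this hunk.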
@@ -412,7 +412,7 @@ static int emulate_spi_chip_response(unsigned int writecnt, unsigned int readcnt
}
offs = writearr[1] << 16 | writearr[2] << 8 | writearr[3];
if (offs & (emu_jedec_be_52_size - 1))
- msg_pdbg("Unaligned BLOCK ERASE 0x52\n");
+ msg_pdbg("Unaligned BLOCK ERASE 0x52: 0x%x\n", offs);
offs &= ~(emu_jedec_be_52_size - 1);
memset(flashchip_contents + offs, 0xff, emu_jedec_be_52_size);
break;
@@ -429,7 +429,7 @@ static int emulate_spi_chip_response(unsigned int writecnt, unsigned int readcnt
}
offs = writearr[1] << 16 | writearr[2] << 8 | writearr[3];
if (offs & (emu_jedec_be_d8_size - 1))
- msg_pdbg("Unaligned BLOCK ERASE 0xd8\n");
+ msg_pdbg("Unaligned BLOCK ERASE 0xd8: 0x%x\n", offs);
offs &= ~(emu_jedec_be_d8_size - 1);
memset(flashchip_contents + offs, 0xff, emu_jedec_be_d8_size);
break;
@@ -444,12 +444,9 @@ static int emulate_spi_chip_response(unsigned int writecnt, unsigned int readcnt
msg_perr("CHIP ERASE 0x60 insize invalid!\n");
return 1;
}
- offs = writearr[1] << 16 | writearr[2] << 8 | writearr[3];
- if (offs & (emu_jedec_ce_60_size - 1))
- msg_pdbg("Unaligned CHIP ERASE 0x60\n");
- offs &= ~(emu_jedec_ce_60_size - 1);
+ /* JEDEC_CE_60_OUTSIZE is 1 (no address) -> no offset. */
/* emu_jedec_ce_60_size is emu_chip_size. */
- memset(flashchip_contents + offs, 0xff, emu_jedec_ce_60_size);
+ memset(flashchip_contents, 0xff, emu_jedec_ce_60_size);
break;
case JEDEC_CE_C7:
if (!emu_jedec_ce_c7_size)
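Review bot: The length of the chip-erase `memset` is only tied to the buffer size by the comment `/* emu_jedec_ce_60_size is emu_chip_size. */`; nothing in the visible code enforces it. If that invariant is ever broken for a new emulated chip, this call would overrun or under-erase `flashchip_contents`. Writing `memset(flashchip_contents, 0xff, emu_chip_size);` makes the bound self-evident and keeps `emu_jedec_ce_60_size` as the "command supported" flag it already serves as in the preceding check. The 0xc7 case in the next hunk has the same shape. How `flashchip_contents` is allocated is not shown here, so this should be confirmed against the init code.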
@@ -462,10 +459,7 @@ static int emulate_spi_chip_response(unsigned int writecnt, unsigned int readcnt
msg_perr("CHIP ERASE 0xc7 insize invalid!\n");
return 1;
}
- offs = writearr[1] << 16 | writearr[2] << 8 | writearr[3];
- if (offs & (emu_jedec_ce_c7_size - 1))
- msg_pdbg("Unaligned CHIP ERASE 0xc7\n");
- offs &= ~(emu_jedec_ce_c7_size - 1);
+ /* JEDEC_CE_C7_OUTSIZE is 1 (no address) -> no offset. */
/* emu_jedec_ce_c7_size is emu_chip_size. */
memset(flashchip_contents, 0xff, emu_jedec_ce_c7_size);
break;