diff options
author | Rafał Miłecki <zajec5@gmail.com> | 2015-07-07 21:21:49 +0000 |
---|---|---|
committer | Rafał Miłecki <zajec5@gmail.com> | 2015-07-07 21:21:49 +0000 |
commit | 9f158499108eae39555bc65d1abfd86bd0c65533 (patch) | |
tree | d4713ec6f154f1e844b3a77daebc190003bed193 | |
parent | 08790c5ee8bfca46d0afe973e336e44e27e35a8c (diff) | |
download | mtk-20170518-9f158499108eae39555bc65d1abfd86bd0c65533.zip mtk-20170518-9f158499108eae39555bc65d1abfd86bd0c65533.tar.gz mtk-20170518-9f158499108eae39555bc65d1abfd86bd0c65533.tar.bz2 |
nvram: fix "Segmentation fault" caused by setting memory out of buffer
Some MTD partitions with NVRAM have content starting in the middle. In
such case offset is set and nvram_header returns pointer to the middle.
It means we have to respect offset when calculating remaining space.
By the way use real MTD partition size (nvram_part_size variable) as we
may want to bump NVRAM_SPACE in the (very near) future.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46251
-rw-r--r-- | package/utils/nvram/src/nvram.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/package/utils/nvram/src/nvram.c b/package/utils/nvram/src/nvram.c index c4bcb1d..c490597 100644 --- a/package/utils/nvram/src/nvram.c +++ b/package/utils/nvram/src/nvram.c @@ -286,11 +286,11 @@ int nvram_commit(nvram_handle_t *h) /* Clear data area */ ptr = (char *) header + sizeof(nvram_header_t); - memset(ptr, 0xFF, NVRAM_SPACE - sizeof(nvram_header_t)); + memset(ptr, 0xFF, nvram_part_size - h->offset - sizeof(nvram_header_t)); memset(&tmp, 0, sizeof(nvram_header_t)); /* Leave space for a double NUL at the end */ - end = (char *) header + NVRAM_SPACE - 2; + end = (char *) header + nvram_part_size - h->offset - 2; /* Write out all tuples */ for (i = 0; i < NVRAM_ARRAYSIZE(h->nvram_hash); i++) { |