Code Review / openocd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
flash/nor/core: Fix chunk size calculation in default_flash_mem_blank_check
[openocd.git] / src / flash / nor / core.c
diff --git a/src/flash/nor/core.c b/src/flash/nor/core.c
index f05c68b823410e53251a4e758227544331f34c15..c541afcd06cccce6243f0e72438d793fb6385ad6 100644 (file)
--- a/src/flash/nor/core.c
+++ b/src/flash/nor/core.c
@@ -68,6 +68,11 @@ int flash_driver_protect(struct flash_bank *bank, int set, int first, int last)
        /* force "set" to 0/1 */
        set = !!set;
 
+       if (bank->driver->protect == NULL) {
+               LOG_ERROR("Flash protection is not supported.");
+               return ERROR_FLASH_OPER_UNSUPPORTED;
+       }
+
        /* DANGER!
         *
         * We must not use any cached information about protection state!!!!
@@ -188,9 +193,17 @@ void flash_free_all_banks(void)
                else
                        LOG_WARNING("Flash driver of %s does not support free_driver_priv()", bank->name);
 
+               /* For 'virtual' flash driver bank->sectors and bank->prot_blocks pointers are copied from
+                * master flash_bank structure. They point to memory locations allocated by master flash driver
+                * so master driver is responsible for releasing them.
+                * Avoid UB caused by double-free memory corruption if flash bank is 'virtual'. */
+
+               if (strcmp(bank->driver->name, "virtual") != 0) {
+                       free(bank->sectors);
+                       free(bank->prot_blocks);
+               }
+
                free(bank->name);
-               free(bank->sectors);
-               free(bank->prot_blocks);
                free(bank);
                bank = next;
        }
@@ -309,8 +322,8 @@ static int default_flash_mem_blank_check(struct flash_bank *bank)
                for (j = 0; j < bank->sectors[i].size; j += buffer_size) {
                        uint32_t chunk;
                        chunk = buffer_size;
-                       if (chunk > (j - bank->sectors[i].size))
-                               chunk = (j - bank->sectors[i].size);
+                       if (chunk > (bank->sectors[i].size - j))
+                               chunk = (bank->sectors[i].size - j);
 
                        retval = target_read_memory(target,
                                        bank->base + bank->sectors[i].offset + j,
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)