If the partition size is too small for imx_bbu_nand_update(),
this can lead to an infinite loop in the imx_bbu_firmware_fcb_start_page()
function, because imx_bbu_firmware_max_blocks() returns zero.
Fix this by place imx_bbu_firmware_max_blocks() a bit early.
Signed-off-by: Alexander Shiyan <shc_work@xxxxxxx>
---
common/imx-bbu-nand-fcb.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/common/imx-bbu-nand-fcb.c b/common/imx-bbu-nand-fcb.c
index 8c276a43c..8383aeacf 100644
--- a/common/imx-bbu-nand-fcb.c
+++ b/common/imx-bbu-nand-fcb.c
@@ -1224,6 +1224,12 @@ static int imx_bbu_nand_update(struct bbu_handler *handler, struct bbu_data *dat
mtd = bcb_cdev->mtd;
partition_size = mtd->size;
+ num_blocks_fw = imx_bbu_firmware_max_blocks(mtd);
+ if (num_blocks_fw < 1) {
+ pr_err("Not enough space for firmware\n");
+ return -ENOSPC;
+ }
+
for (i = 0; i < 4; i++) {
read_fcb(mtd, i, &fcb);
if (fcb)
@@ -1329,8 +1335,6 @@ static int imx_bbu_nand_update(struct bbu_handler *handler, struct bbu_data *dat
pr_info("Refreshing existing firmware\n");
}
- num_blocks_fw = imx_bbu_firmware_max_blocks(mtd);
-
if (num_blocks_fw * mtd->erasesize < fw_size) {
pr_err("Not enough space for update\n");
return -ENOSPC;
--
2.13.0
_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox
