sector >= 0 is always true for the unsigned type flash_sect_t. This
means the loop to find the sector will only behave correctly when we
actually find the sector, but not in the error case. The error case
is not expected though and will not happen when the code is correct,
so just catch it with a BUG().
Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
---
drivers/mtd/nor/cfi_flash.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/drivers/mtd/nor/cfi_flash.c b/drivers/mtd/nor/cfi_flash.c
index ba0bd1b4eb..ffd29d80a7 100644
--- a/drivers/mtd/nor/cfi_flash.c
+++ b/drivers/mtd/nor/cfi_flash.c
@@ -466,9 +466,16 @@ flash_sect_t find_sector(struct flash_info *info, unsigned long addr)
{
flash_sect_t sector;
- for (sector = info->sector_count - 1; sector >= 0; sector--) {
+ sector = info->sector_count - 1;
+
+ while (1) {
if (addr >= info->start[sector])
break;
+
+ if (sector == 0)
+ BUG();
+
+ sector--;
}
return sector;
--
2.29.2
_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox
