sysmo-bts
/
barebox
9
0
Fork 0
Code Releases Activity

fs: limit flash erase and protect to the partiton boundary 

Passing a too large size or offset to erase could
affect flash outside the partition boundary.
Addresses for SPI flash wrap around, thus giving a
count + offset going past the end of the flash would
wrap around and erase flash at offset 0.

Add the same check for protect.

Signed-off-by: Johannes Stezenbach <js@sig21.net>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This commit is contained in:
Johannes Stezenbach 2012-06-06 18:05:00 +02:00 committed by Sascha Hauer
parent 79f9683b8e
commit 6815e0d054
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
fs/fs.c
View File

@ -751,14 +751,13 @@ int erase(int fd, size_t count, unsigned long offset)
if (check_fd(fd))
return -errno;
if (offset >= f->size)
return 0;
if (count > f->size - offset)
count = f->size - offset;
dev = f->dev;
fsdrv = dev_to_fs_driver(dev);
if (f->pos + count > f->size)
count = f->size - f->pos;
if (fsdrv->erase)
ret = fsdrv->erase(dev, f, count, offset);
else
@ -780,14 +779,13 @@ int protect(int fd, size_t count, unsigned long offset, int prot)
if (check_fd(fd))
return -errno;
if (offset >= f->size)
return 0;
if (count > f->size - offset)
count = f->size - offset;
dev = f->dev;
fsdrv = dev_to_fs_driver(dev);
if (f->pos + count > f->size)
count = f->size - f->pos;
if (fsdrv->protect)
ret = fsdrv->protect(dev, f, count, offset, prot);
else