Anastasia Klimchuk has submitted this change. ( https://review.coreboot.org/c/flashrom/+/84234?usp=email ) Change subject: erasure_layout: Fix init_eraseblock segmentation fault ...................................................................... erasure_layout: Fix init_eraseblock segmentation fault Fix a segmentation fault that is caused by accessing an invalid "subedata" pointer on the last iteration of the init_eraseblock loop. Instead, short circuit the loop condition to check the sub block index first, and do not access the invalid pointer if it is the last sub block. Issue was encountered in: - OS: OpenBSD 7.5 amd64 - Compiler: clang 16.0.6 - Chip: Macronix MX25U6435E/F BUG=https://ticket.coreboot.org/issues/555 Change-Id: I61bf0d93aa9f0b2b420b146be16fcd5124f0dc5d Signed-off-by: Grant Pannell <grant@digitaldj.net> Reviewed-on: https://review.coreboot.org/c/flashrom/+/84234 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: DigitalDJ Reviewed-by: Anastasia Klimchuk <aklm@chromium.org> --- M erasure_layout.c 1 file changed, 2 insertions(+), 2 deletions(-) Approvals: build bot (Jenkins): Verified Anastasia Klimchuk: Looks good to me, approved DigitalDJ: Looks good to me, but someone else must approve diff --git a/erasure_layout.c b/erasure_layout.c index c1368e7..c3a415b 100644 --- a/erasure_layout.c +++ b/erasure_layout.c @@ -52,8 +52,8 @@ edata->first_sub_block_index = *sub_block_index; struct eraseblock_data *subedata = &layout[idx - 1].layout_list[*sub_block_index]; - while (subedata->start_addr >= start_addr && subedata->end_addr <= end_addr && - *sub_block_index < layout[idx-1].block_count) { + while (*sub_block_index < layout[idx-1].block_count && + subedata->start_addr >= start_addr && subedata->end_addr <= end_addr) { (*sub_block_index)++; subedata++; } -- To view, visit https://review.coreboot.org/c/flashrom/+/84234?usp=email To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: flashrom Gerrit-Branch: main Gerrit-Change-Id: I61bf0d93aa9f0b2b420b146be16fcd5124f0dc5d Gerrit-Change-Number: 84234 Gerrit-PatchSet: 6 Gerrit-Owner: DigitalDJ Gerrit-Reviewer: Aarya <aarya.chaumal@gmail.com> Gerrit-Reviewer: Anastasia Klimchuk <aklm@chromium.org> Gerrit-Reviewer: DigitalDJ Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>