[flashrom] [PATCH] Fix out-of-bounds access if all erase functions fail

Carl-Daniel Hailfinger c-d.hailfinger.devel.2006 at gmx.net
Thu Jul 21 03:08:36 CEST 2011


On 21.07.2011 02:41, Carl-Daniel Hailfinger wrote:
> Here's the fix with no message changes. I think that part is where we
> both agree. Please note that a separate followup patch with improved
> messages (either from you or from me) is also very desirable for 0.9.4,
> and by now I pretty much agree with your reasoning.
>   

And here are the pure message changes on top.
AFAICS they should be mostly what you created yourself and a few small
tweaks by me, so it should probably carry your signoff. In the meantime,
this has my signoff to make sure nobody thinks the patch is restricted.

Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net>

--- flashrom-cosmetics_blockwalker_read_write_error/flashrom.c	2011-07-21 02:50:59.000000000 +0200
+++ flashrom-cosmetics_blockwalker_read_write_error/flashrom.c	2011-07-21 03:00:20.000000000 +0200
@@ -1526,15 +1526,14 @@
 			msg_cdbg("No usable erase functions left.\n");
 			break;
 		}
-		msg_cdbg("Looking at blockwise erase function %i... ", k);
+		msg_cdbg("Trying erase function %i... ", k);
 		if (check_block_eraser(flash, k, 1)) {
 			msg_cdbg("Looking for another erase function.\n");
 			continue;
 		}
 		usable_erasefunctions--;
-		msg_cdbg("trying... ");
-		ret = walk_eraseregions(flash, k, &erase_and_write_block_helper, curcontents, newcontents);
-		msg_cdbg("\n");
+		ret = walk_eraseregions(flash, k, &erase_and_write_block_helper,
+					curcontents, newcontents);
 		/* If everything is OK, don't try another erase function. */
 		if (!ret)
 			break;
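Review bot: "Trying erase function %i... " is now printed before check_block_eraser(flash, k, 1), so when that check fails the debug log reads "Trying erase function N... Looking for another erase function." for a function that was never tried. Consider keeping a neutral wording ahead of the check, or moving the "Trying" message below it. Also, with msg_cdbg("\n") removed after walk_eraseregions(), nothing in this hunk terminates that line on the success path (if (!ret) break;), so the next message is appended to it unless the callee prints the newline itself.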
@@ -1544,14 +1543,19 @@
 		 */
 		if (!usable_erasefunctions)
 			continue;
+		/* Reading the whole chip may take a while, inform the user even
+		 * in non-verbose mode.
+		 */
+		msg_cinfo("Reading current flash chip contents... ");
 		if (flash->read(flash, curcontents, 0, size)) {
 			/* Now we are truly screwed. Read failed as well. */
-			msg_cerr("Can't read anymore!\n");
+			msg_cerr("Can't read anymore! Aborting.\n");
 			/* We have no idea about the flash chip contents, so
 			 * retrying with another erase function is pointless.
 			 */
 			break;
 		}
+		msg_cinfo("done. Trying next erase function.\n");
 	}
 	/* Free the scratchpad. */
 	free(curcontents);
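Review bot: in the read-failure branch, msg_cerr("Can't read anymore! Aborting.\n") is emitted directly after the unterminated msg_cinfo("Reading current flash chip contents... "), so the error ends up at the tail of the progress line. Printing "FAILED.\n" first, as the read in the hunk at line 1942 does, would keep the error on a line of its own. The new "done. Trying next erase function.\n" is at info level while "Trying erase function %i... " stays at debug level, so a non-verbose user is told that another function is being tried without ever seeing which one.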
@@ -1938,13 +1942,13 @@
 	 * preserved, but in that case we might perform unneeded erase which
 	 * takes time as well.
 	 */
-	msg_cdbg("Reading old flash chip contents... ");
+	msg_cinfo("Reading old flash chip contents... ");
 	if (flash->read(flash, oldcontents, 0, size)) {
 		ret = 1;
-		msg_cdbg("FAILED.\n");
+		msg_cinfo("FAILED.\n");
 		goto out;
 	}
-	msg_cdbg("done.\n");
+	msg_cinfo("done.\n");
 
 	// This should be moved into each flash part's code to do it 
 	// cleanly. This does the job.
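Review bot: the failure path here reports "FAILED.\n" through msg_cinfo, while the equivalent read failure in the erase loop uses msg_cerr. Since this branch sets ret = 1 and jumps to out, the failure message should go through msg_cerr so both read failures are reported at error level; only the progress and "done." messages need msg_cinfo.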


-- 
http://www.hailfinger.org/
