From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ladislav Michl <ladis@linux-mips.org>
Date: Thu, 25 Nov 2004 12:22:23 +0100
Subject: [U-Boot-Users] Re: [PATCH] !CFG_MEMTEST_SCRATCH - do not dereference NULL ptr
In-Reply-To: <20041122110723.AD1A2C1430@atlas.denx.de>
References: <20041122100122.GA5418@simek> <20041122110723.AD1A2C1430@atlas.denx.de>
Message-ID: <20041125112223.GA4635@simek>
List-Id: <u-boot.lists.denx.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

On Mon, Nov 22, 2004 at 12:07:18PM +0100, Wolfgang Denk wrote:
> There is no explanation what it does or which problem it is  supposed
> to fix.

When CFG_MEMTEST_SCRATCH is undefined alternate memory test in do_mem_mtest
(with CFG_ALT_MEMTEST defined) dereferences null pointer. It defines:
vu_long *dummy = NULL;
and later does:
*dummy  = ~val;

> There is also no CHANGELOG entry.

CHANGELOG
* Patch by Ladislav Michl, 22 November 2004
  - Fix NULL pointer dereference in alternate memory test (CFG_ALT_MEMTEST)
    when if no CFG_MEMTEST_SCRATCH area defined

Index: common/cmd_mem.c
===================================================================
RCS file: /cvsroot/u-boot/u-boot/common/cmd_mem.c,v
retrieving revision 1.19
diff -p -u -r1.19 cmd_mem.c
--- common/cmd_mem.c	10 Oct 2004 23:27:33 -0000	1.19
+++ common/cmd_mem.c	22 Nov 2004 11:21:43 -0000
@@ -646,8 +646,9 @@ int do_mem_mtest (cmd_tbl_t *cmdtp, int 
 	vu_long	num_words;
 #if defined(CFG_MEMTEST_SCRATCH)
 	vu_long *dummy = (vu_long*)CFG_MEMTEST_SCRATCH;
+#define write_dummy(val)	do { *dummy  = ~val; } while (0)
 #else
-	vu_long *dummy = NULL;
+#define write_dummy(val)	do { } while (0)
 #endif
 	int	j;
 	int iterations = 1;
@@ -723,7 +724,7 @@ int do_mem_mtest (cmd_tbl_t *cmdtp, int 
 		    val = bitpattern[j];
 		    for(; val != 0; val <<= 1) {
 			*addr  = val;
-			*dummy  = ~val; /* clear the test data off of the bus */
+			write_dummy(~val); /* clear the test data off of the bus */
 			readback = *addr;
 			if(readback != val) {
 			     printf ("FAILURE (data line): "
@@ -731,11 +732,11 @@ int do_mem_mtest (cmd_tbl_t *cmdtp, int 
 					  val, readback);
 			}
 			*addr  = ~val;
-			*dummy  = val;
+			write_dummy(val);
 			readback = *addr;
 			if(readback != ~val) {
 			    printf ("FAILURE (data line): "
-				"Is %08lx, should be %08lx\n",
+				"is %08lx, should be %08lx\n",
 					readback, ~val);
 			}
 		    }