summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorØyvind Harboe <oyvind.harboe@zylin.com>2010-09-10 10:22:14 +0200
committerØyvind Harboe <oyvind.harboe@zylin.com>2010-09-11 10:37:32 +0200
commit8c21659d2a81912c2d591d3889893040d1aa9028 (patch)
treed9b94d91bad77fad2c522c823c3fa6011cfe72f0 /src
parentef92da3315b13ab8ee3b509f2b05c15194140b92 (diff)
downloadopenocd+libswd-8c21659d2a81912c2d591d3889893040d1aa9028.tar.gz
openocd+libswd-8c21659d2a81912c2d591d3889893040d1aa9028.tar.bz2
openocd+libswd-8c21659d2a81912c2d591d3889893040d1aa9028.tar.xz
openocd+libswd-8c21659d2a81912c2d591d3889893040d1aa9028.zip
cfi: random crash in cfi_probe() fixed
for non_cfi cfi chips free() was invoked on rodata. The mystery is why this bug has survived for so long. Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Diffstat (limited to 'src')
-rw-r--r--src/flash/nor/non_cfi.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/flash/nor/non_cfi.c b/src/flash/nor/non_cfi.c
index e0ea568a..569ffc5f 100644
--- a/src/flash/nor/non_cfi.c
+++ b/src/flash/nor/non_cfi.c
@@ -486,7 +486,11 @@ void cfi_fixup_non_cfi(struct flash_bank *bank)
cfi_info->max_buf_write_size = non_cfi->max_buf_write_size;
cfi_info->status_poll_mask = non_cfi->status_poll_mask;
cfi_info->num_erase_regions = non_cfi->num_erase_regions;
- cfi_info->erase_region_info = non_cfi->erase_region_info;
+ size_t erase_region_info_size = sizeof(*cfi_info->erase_region_info) *
+ cfi_info->num_erase_regions;
+ cfi_info->erase_region_info = malloc(erase_region_info_size);
+ memcpy(cfi_info->erase_region_info,
+ non_cfi->erase_region_info, erase_region_info_size);
cfi_info->dev_size = non_cfi->dev_size;
if (cfi_info->pri_id == 0x2)