Make sure that argv[] argument pointers are not modified.
The hush shell dynamically allocates (and re-allocates) memory for the
argument strings in the "char *argv[]" argument vector passed to
commands. Any code that modifies these pointers will cause serious
corruption of the malloc data structures and crash U-Boot, so make
sure the compiler can check that no such modifications are being done
by changing the code into "char * const argv[]".
This modification is the result of debugging a strange crash caused
after adding a new command, which used the following argument
processing code which has been working perfectly fine in all Unix
systems since version 6 - but not so in U-Boot:
int main (int argc, char **argv)
{
while (--argc > 0 && **++argv == '-') {
/* ====> */ while (*++*argv) {
switch (**argv) {
case 'd':
debug++;
break;
...
default:
usage ();
}
}
}
...
}
The line marked "====>" will corrupt the malloc data structures and
usually cause U-Boot to crash when the next command gets executed by
the shell. With the modification, the compiler will prevent this with
an
error: increment of read-only location '*argv'
N.B.: The code above can be trivially rewritten like this:
while (--argc > 0 && **++argv == '-') {
char *arg = *argv;
while (*++arg) {
switch (*arg) {
...
Signed-off-by: Wolfgang Denk <wd@denx.de>
Acked-by: Mike Frysinger <vapier@gentoo.org>
diff --git a/common/cmd_otp.c b/common/cmd_otp.c
index 30af5a3..a8c73b5 100644
--- a/common/cmd_otp.c
+++ b/common/cmd_otp.c
@@ -80,7 +80,7 @@
bfrom_OtpCommand(OTP_INIT, write ? timing : timing & ~(-1 << 15));
}
-int do_otp(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[])
+int do_otp(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
{
uint32_t ret, base_flags;
bool prompt_user, force_read;