On 28/02/16(Sun) 17:49, Patrick Wildt wrote:
> Hi,
>
> If we're calling fdt_find_node() and do not actually find the node we're
> looking for, we call strncmp with a NULL value.
>
> What happens is that we use fdt_child_node(node) to retrieve a child
> and then use fdt_next_node(child) to go through the list of children.
> If we do not find a child that matches the given name(s), it will
> reach the end of the list. You know that you're at the end of the
> list if the next token is not FDT_NODE_BEGIN. A child must start
> with that token.
>
> Even though there's no child left, fdt_next_node(child) will not
> return a NULL ptr, but instead return a pointer to the next token.
> This means the for-loop will continue to run and call strncmp.
> fdt_node_name(child) will return a NULL ptr, as the token behind
> the ptr is not FDT_NODE_BEGIN.
Is it possible to fix fdt_next_node() then?
> This diff makes the function return NULL if the token behind the
> child pointer is not FDT_NODE_BEGIN. This tells us we reached
> the end of the list and we have not found a child matching the
> passed name(s). Thus the find has failed.
>
> Patrick
>
> diff --git sys/arch/socppc/socppc/fdt.c sys/arch/socppc/socppc/fdt.c
> index 0dec4fb..741763c 100644
> --- sys/arch/socppc/socppc/fdt.c
> +++ sys/arch/socppc/socppc/fdt.c
> @@ -274,6 +274,13 @@ fdt_find_node(char *name)
>
> for (child = fdt_child_node(node); child;
> child = fdt_next_node(child)) {
> + /*
> + * A child always starts with a FDT_NODE_BEGIN token.
> + * If it's another token, we have reached the end of
> + * the list but have not found a match.
> + */
> + if (betoh32(*(uint32_t *)child) != FDT_NODE_BEGIN)
> + return NULL;
> if (strncmp(p, fdt_node_name(child), q - p) == 0) {
> node = child;
> break;
>
