From e31a784866f2db6d50733d145a3ac55e64e1c5a1 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Thu, 30 Oct 2008 16:37:05 +0000 Subject: [PATCH] powerpc: Fix bug in kernel copy of libfdt's fdt_subnode_offset_namelen() There's currently an off-by-one bug in fdt_subnode_offset_namelen() which causes it to keep searching after it's finished the subnodes of the given parent, and into the subnodes of siblings of the original node which come after it in the tree. This bug was introduced in commit 7a5f208f6f69feb6f6653131ce7be9bdd8bca388 ("powerpc: Update in-kernel dtc and libfdt to version 1.2.0"). A patch has already been submitted to dtc/libfdt mainline. We don't really want to pull in a new upstream version during the 2.6.28 cycle, but we should still fix this bug, hence this standalone version of the fix for the in-kernel libfdt. Signed-off-by: David Gibson Signed-off-by: Paul Mackerras --- arch/powerpc/boot/libfdt/fdt_ro.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/powerpc/boot/libfdt/fdt_ro.c b/arch/powerpc/boot/libfdt/fdt_ro.c index 129b532bcc1a8..fbbba44fcd0d0 100644 --- a/arch/powerpc/boot/libfdt/fdt_ro.c +++ b/arch/powerpc/boot/libfdt/fdt_ro.c @@ -104,8 +104,8 @@ int fdt_subnode_offset_namelen(const void *fdt, int offset, FDT_CHECK_HEADER(fdt); - for (depth = 0; - offset >= 0; + for (depth = 0, offset = fdt_next_node(fdt, offset, &depth); + (offset >= 0) && (depth > 0); offset = fdt_next_node(fdt, offset, &depth)) { if (depth < 0) return -FDT_ERR_NOTFOUND; @@ -114,7 +114,10 @@ int fdt_subnode_offset_namelen(const void *fdt, int offset, return offset; } - return offset; /* error */ + if (offset < 0) + return offset; /* error */ + else + return -FDT_ERR_NOTFOUND; } int fdt_subnode_offset(const void *fdt, int parentoffset, -- 2.39.5