From 2dccbf4ea05d2c3603b8c1359019bf7148a316a5 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Thu, 30 Oct 2008 16:37:05 +0000 Subject: [PATCH] powerpc: Fix bug in kernel copy of libfdt's fdt_subnode_offset_namelen() There's currently an off-by-one bug in fdt_subnode_offset_namelen() which causes it to keep searching after it's finished the subnodes of the given parent, and into the subnodes of siblings of the original node which come after it in the tree. This bug was introduced in commit ed95d7450dcbfeb45ffc9d39b1747aee82b49a51 ("powerpc: Update in-kernel dtc and libfdt to version 1.2.0"). A patch has already been submitted to dtc/libfdt mainline. We don't really want to pull in a new upstream version during the 2.6.28 cycle, but we should still fix this bug, hence this standalone version of the fix for the in-kernel libfdt. Signed-off-by: David Gibson Signed-off-by: Paul Mackerras --- arch/powerpc/boot/libfdt/fdt_ro.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/powerpc/boot/libfdt/fdt_ro.c b/arch/powerpc/boot/libfdt/fdt_ro.c index 129b532bcc1a..fbbba44fcd0d 100644 --- a/arch/powerpc/boot/libfdt/fdt_ro.c +++ b/arch/powerpc/boot/libfdt/fdt_ro.c @@ -104,8 +104,8 @@ int fdt_subnode_offset_namelen(const void *fdt, int offset, FDT_CHECK_HEADER(fdt); - for (depth = 0; - offset >= 0; + for (depth = 0, offset = fdt_next_node(fdt, offset, &depth); + (offset >= 0) && (depth > 0); offset = fdt_next_node(fdt, offset, &depth)) { if (depth < 0) return -FDT_ERR_NOTFOUND; @@ -114,7 +114,10 @@ int fdt_subnode_offset_namelen(const void *fdt, int offset, return offset; } - return offset; /* error */ + if (offset < 0) + return offset; /* error */ + else + return -FDT_ERR_NOTFOUND; } int fdt_subnode_offset(const void *fdt, int parentoffset,