From fa4fe456b7f0c561e73477df59b2f9376f23b080 Mon Sep 17 00:00:00 2001
From: Nick Withers
Date: Thu, 30 Jan 2014 12:58:41 +1100
Subject: Move the flash size probe into bankValidate()

Previously, bankValidate() could be called (e.g., BSP_flashWrite() -> regionCheckAndErase() -> argcheck() -> bankValidate()) without the probe having happened. When it then invoked BSP_flashCheckId(), unmapped memory could be read, possibly causing a fatal exception.
---
 c/src/lib/libbsp/powerpc/shared/flash/flash.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/c/src/lib/libbsp/powerpc/shared/flash/flash.c b/c/src/lib/libbsp/powerpc/shared/flash/flash.c
index 0037fe73e2..b7f167875a 100644
--- a/c/src/lib/libbsp/powerpc/shared/flash/flash.c
+++ b/c/src/lib/libbsp/powerpc/shared/flash/flash.c
@@ -456,6 +456,11 @@ struct bankdesc *b = BSP_flashBspOps.bankcheck(bank, quiet);
 return 0;
 }

+ if ( !b->size && !(b->size = BSP_flashProbeSize(b)) ) {
+ fprintf(stderr,"Configuration Error - unable to determine flash size\n");
+ return 0;
+ }
+
 if ( !b->dd && !(b->dd = BSP_flashCheckId(b, b->start,1)) ) {
 fprintf(stderr,"Error: unable to detect flash device in bank #%i\n", bank);
 return 0;
@@ -485,10 +490,6 @@ struct bankdesc *b;
 return 0;
 }

- if ( !b->size && !(b->size = BSP_flashProbeSize(b)) ) {
- fprintf(stderr,"Configuration Error - unable to determine flash size\n");
- return 0;
- }
 if ( offset + size > b->size ) {
 fprintf(stderr,"Error: requested size exceeds available flash (0x%08"PRIx32" bytes)\n", b->size);
 return 0;
--
cgit v1.2.3
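Review bot: The added size probe in the first hunk has to run before the `BSP_flashCheckId()` call that follows it, but nothing in the code records that ordering; only the commit message explains that the old order could read unmapped memory. A comment above the new `if` would keep a later cleanup from swapping the two checks, for example `/* Probe the size before BSP_flashCheckId(); without it the ID check could read unmapped memory. */`. The new message is also printed regardless of the `quiet` argument visible in the hunk header; this matches the existing `!b->dd` branch, so it may be intended, but it is worth confirming. In the second hunk the retained check `offset + size > b->size` can wrap if `offset` and `size` are 32-bit unsigned, as the `PRIx32` format suggests `b->size` is, so `size > b->size || offset > b->size - size` would be the safer form. Both function bodies start and end outside the hunks, so the declarations were not checked.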