libfdt: Fix bugs in fdt_get_path()
authorDavid Gibson <david@gibson.dropbear.id.au>
Fri, 29 Aug 2008 04:19:13 +0000 (14:19 +1000)
committerGerald Van Baren <vanbaren@cideas.com>
Thu, 2 Oct 2008 02:01:51 +0000 (22:01 -0400)
The current implementation of fdt_get_path() has a couple of bugs,
fixed by this patch.

First, contrary to its documentation, on success it returns the length
of the node's path, rather than 0.  The testcase is correspondingly
wrong, and the patch fixes this as well.

Second, in some circumstances, it will return -FDT_ERR_BADOFFSET
instead of -FDT_ERR_NOSPACE when given insufficient buffer space.
Specifically this happens when there is insufficient space even to
hold the path's second last component.  This behaviour is corrected,
and the testcase updated to check it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
libfdt/fdt_ro.c

index b09a6e9eb7e5976333d6e4626f67102074dabdd8..f559eeda06a9b600dfb7281e2f22c784e3b8fb95 100644 (file)
@@ -320,9 +320,6 @@ int fdt_get_path(const void *fdt, int nodeoffset, char *buf, int buflen)
        for (offset = 0, depth = 0;
             (offset >= 0) && (offset <= nodeoffset);
             offset = fdt_next_node(fdt, offset, &depth)) {
-               if (pdepth < depth)
-                       continue; /* overflowed buffer */
-
                while (pdepth > depth) {
                        do {
                                p--;
@@ -330,14 +327,16 @@ int fdt_get_path(const void *fdt, int nodeoffset, char *buf, int buflen)
                        pdepth--;
                }
 
-               name = fdt_get_name(fdt, offset, &namelen);
-               if (!name)
-                       return namelen;
-               if ((p + namelen + 1) <= buflen) {
-                       memcpy(buf + p, name, namelen);
-                       p += namelen;
-                       buf[p++] = '/';
-                       pdepth++;
+               if (pdepth >= depth) {
+                       name = fdt_get_name(fdt, offset, &namelen);
+                       if (!name)
+                               return namelen;
+                       if ((p + namelen + 1) <= buflen) {
+                               memcpy(buf + p, name, namelen);
+                               p += namelen;
+                               buf[p++] = '/';
+                               pdepth++;
+                       }
                }
 
                if (offset == nodeoffset) {
@@ -347,7 +346,7 @@ int fdt_get_path(const void *fdt, int nodeoffset, char *buf, int buflen)
                        if (p > 1) /* special case so that root path is "/", not "" */
                                p--;
                        buf[p] = '\0';
-                       return p;
+                       return 0;
                }
        }