x86: Fix off-by-one error in do_elf_reloc_fixups()
authorDuncan Laurie <dlaurie@chromium.org>
Tue, 23 Oct 2012 18:04:43 +0000 (18:04 +0000)
committerSimon Glass <sjg@chromium.org>
Thu, 6 Dec 2012 22:30:40 +0000 (14:30 -0800)
The use of post-increment with a do-while loop results in
the loop going one step too far when handling relocation fixups.

In about 1/100 cases this would cause it to hang.

Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
arch/x86/lib/relocate.c

index 200baaba6a2707c28fabc82cb93054158cdff5c0..c0b9b2970ecac0c2e89719717ba34a6f6218b82b 100644 (file)
@@ -85,7 +85,7 @@ int do_elf_reloc_fixups(void)
                                *offset_ptr_ram += gd->reloc_off;
                        }
                }
-       } while (re_src++ < re_end);
+       } while (++re_src < re_end);
 
        return 0;
 }