This fixes off-by-one error introduced in commit
dc76900021b8
("kernel: Correctly search for the FIT image in mtd partition.")
Function `mtd_read` starts reading at `offset` and
needs `hdr_len` number of bytes to be available. Suppose
the easiest case when `offset` is `0` and `hdr_len` equals
to `mtd->size` - the `for` loop will not be entered even
when enough bytes are available to be read.
Same happens for any non-zero `offset`, when `hdr_len` is
just enough bytes to be read until `mtd->size` is reached.
Imagine that for example `mtd->size=5`, `offset=4` and
`hdr_len=1`. Then `offset+hdr_len=5` and the check has to
be `offset+hdr_len <= mtd->size`, i.e. `5 <= 5`. The
check for `offset + hdr_len` value needs to be inclusive,
therefore use `<=`.
Fixes:
dc76900021b8 ("kernel: Correctly search for the FIT image in mtd partition.")
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
[adjusted commit ref, fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
hdr_len = sizeof(struct fdt_header);
/* Parse the MTD device & search for the FIT image location */
- for(offset = 0; offset + hdr_len < mtd->size; offset += mtd->erasesize) {
+ for(offset = 0; offset + hdr_len <= mtd->size; offset += mtd->erasesize) {
ret = mtd_read(mtd, offset, hdr_len, &retlen, (void*) &hdr);
if (ret) {
pr_err("read error in \"%s\" at offset 0x%llx\n",