DFU upload causes memory corruption (patch)

Werner Almesberger werner at openmoko.org
Tue Mar 13 10:14:18 CET 2007


Harald Welte wrote:
> The fundamental question was: Why doesn't the current code work?
> Because urb->buffer is too small for remain?  Then I suggest we restrict
> the length of a transfer to the size of urb->buffer_data

Hmm, wouldn't dfu-util treat this as EOF ? At least sam7dfu.c says

                if (rc < xfer_size) {
                        /* last block, return */

> If we stay with the current hack, an audit whether urb->buffer really is
> properly reset for every control point request would be good.

How many URBs are you juggling in the system anyway ? If there's
just one, or just a small number, why not give each just a "worst
case" constant buffer ?

- Werner

-- 
  _________________________________________________________________________
 / Werner Almesberger, Buenos Aires, Argentina     werner at almesberger.net /
/_http://www.almesberger.net/____________________________________________/



More information about the openmoko-uboot mailing list