From ca61c3dd3efcdf1aa5c7ea055514b0985e5fff48 Mon Sep 17 00:00:00 2001
From: Nico Huber <nico.h@gmx.de>
Date: Fri, 26 Aug 2022 11:36:48 +0200
Subject: programmer_init: Work on a mutable copy of programmer params

The signature of extract_param() was wrong all the time. It actually
modifies the passed, global `programmer_param` string. This only com-
piled w/o warnings because of a deficiency of the strstr() API. It
takes a const string as argument but returns a mutable pointer to
a substring of it.

As we take a const parameter string in the libflashrom API and should
not change that, we create a copy in programmer_init() instead.

Now that we free our copy of the programmer parameters at the end of
programmer_init() it's more obvious that the string can only be used
during initialization. So also clear `programmer_param` inside
programmer_init() instead of programmer_shutdown().

Change-Id: If6bb2e5e4312b07f756615984bd3757e92b86b0a
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/67094
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Thomas Heijligen <src@posteo.de>
---
 flashrom.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

(limited to 'flashrom.c')

diff --git a/flashrom.c b/flashrom.c
index b68ba553..f8c5e730 100644
--- a/flashrom.c
+++ b/flashrom.c
@@ -38,7 +38,7 @@ const char flashrom_version[] = FLASHROM_VERSION;
 const char *chip_to_probe = NULL;
 
 static const struct programmer_entry *programmer = NULL;
-static const char *programmer_param = NULL;
+static char *programmer_param = NULL;
 
 /*
  * Programmers supporting multiple buses can have differing size limits on
@@ -150,7 +150,16 @@ int programmer_init(const struct programmer_entry *prog, const char *param)
 	/* Default to allowing writes. Broken programmers set this to 0. */
 	programmer_may_write = true;
 
-	programmer_param = param;
+	if (param) {
+		programmer_param = strdup(param);
+		if (!programmer_param) {
+			msg_perr("Out of memory!\n");
+			return ERROR_FATAL;
+		}
+	} else {
+		programmer_param = NULL;
+	}
+
 	msg_pdbg("Initializing %s programmer\n", programmer->name);
 	ret = programmer->init(NULL);
 	if (programmer_param && strlen(programmer_param)) {
@@ -169,6 +178,8 @@ int programmer_init(const struct programmer_entry *prog, const char *param)
 			ret = ERROR_FATAL;
 		}
 	}
+	free(programmer_param);
+	programmer_param = NULL;
 	return ret;
 }
 
@@ -187,8 +198,6 @@ int programmer_shutdown(void)
 		int i = --shutdown_fn_count;
 		ret |= shutdown_fn[i].func(shutdown_fn[i].data);
 	}
-
-	programmer_param = NULL;
 	registered_master_count = 0;
 
 	return ret;
@@ -227,7 +236,7 @@ int read_memmapped(struct flashctx *flash, uint8_t *buf, unsigned int start,
  * needle and remove everything from the first occurrence of needle to the next
  * delimiter from haystack.
  */
-static char *extract_param(const char *const *haystack, const char *needle, const char *delim)
+static char *extract_param(char *const *haystack, const char *needle, const char *delim)
 {
 	char *param_pos, *opt_pos, *rest;
 	char *opt = NULL;
-- 
cgit v1.2.3