From: Ley Foon Tan Date: Tue, 25 Aug 2020 02:26:36 +0000 (+0800) Subject: net: tftp: Fix store_block offset calculation X-Git-Tag: v2021.10~497^2~6^2~7 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ae0bdf09ca9737d5db9453966cf4705bdd420d31;p=platform%2Fkernel%2Fu-boot.git net: tftp: Fix store_block offset calculation tftp_cur_block start with 1 for first block, but tftp_cur_block counter is start with zero when block number is rollover. The existing code "tftp_cur_block - 1" will cause the block number become -1 in store_block() when tftp_cur_block is 0 when tftp_cur_block is rollover. The fix pass in tftp_cur_block to store_block() and minus the tftp_block_size when do the offset calculation. Signed-off-by: Ley Foon Tan Reviewed-By: Ramon Fried --- diff --git a/net/tftp.c b/net/tftp.c index 380094d..1c00387 100644 --- a/net/tftp.c +++ b/net/tftp.c @@ -159,7 +159,8 @@ static unsigned short tftp_window_size_option = TFTP_WINDOWSIZE; static inline int store_block(int block, uchar *src, unsigned int len) { - ulong offset = block * tftp_block_size + tftp_block_wrap_offset; + ulong offset = block * tftp_block_size + tftp_block_wrap_offset - + tftp_block_size; ulong newsize = offset + len; ulong store_addr = tftp_load_addr + offset; #ifdef CONFIG_SYS_DIRECT_FLASH_TFTP @@ -652,7 +653,7 @@ static void tftp_handler(uchar *pkt, unsigned dest, struct in_addr sip, timeout_count_max = tftp_timeout_count_max; net_set_timeout_handler(timeout_ms, tftp_timeout_handler); - if (store_block(tftp_cur_block - 1, pkt + 2, len)) { + if (store_block(tftp_cur_block, pkt + 2, len)) { eth_halt(); net_set_state(NETLOOP_FAIL); break;