From 558247e218c1e8d563c608d58c418d59b1f98672 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arnim=20L=C3=A4uger?= <arniml@users.sourceforge.net>
Date: Wed, 15 Jul 2009 16:46:58 +0000
Subject: [PATCH] [ 2821646 ] Possible buffer overrun in amd_detect (MURANAKA
 Masaki)

git-svn-id: https://urjtag.svn.sourceforge.net/svnroot/urjtag/trunk@1661 b68d4a1b-bc3d-0410-92ed-d4ac073336b7
---
 jtag/ChangeLog               | 2 ++
 jtag/src/flash/amd_flash.c   | 4 ++--
 urjtag/ChangeLog             | 2 ++
 urjtag/src/flash/amd_flash.c | 4 ++--
 4 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/jtag/ChangeLog b/jtag/ChangeLog
index 94992f40..4a8daf56 100644
--- a/jtag/ChangeLog
+++ b/jtag/ChangeLog
@@ -2,6 +2,8 @@
 
   * src/flash/amd_flash.c: [ 2821629 ] Can't find flash_info : amd_flash.c
     (MURANAKA Masaki)
+  * src/flash/amd_flash.c: [ 2821646 ] Possible buffer overrun in amd_detect
+    (MURANAKA Masaki)
 
   * src/flash/flash.c, include/jtag.h:
     [ 2816643 ] Matching arguments of funcion flasherase()
diff --git a/jtag/src/flash/amd_flash.c b/jtag/src/flash/amd_flash.c
index 489d6b49..85fd2730 100644
--- a/jtag/src/flash/amd_flash.c
+++ b/jtag/src/flash/amd_flash.c
@@ -157,8 +157,8 @@ int amd_detect(bus_t *bus, uint32_t adr, cfi_array_t **cfi_array )
 		if (!cfi->device_geometry.erase_block_regions)
 			return -2;	/* out of memory */
 
-		cfi->device_geometry.erase_block_regions[i].erase_block_size = 64 * 1024;
-		cfi->device_geometry.erase_block_regions[i].number_of_erase_blocks = 8;
+		cfi->device_geometry.erase_block_regions[0].erase_block_size = 64 * 1024;
+		cfi->device_geometry.erase_block_regions[0].number_of_erase_blocks = 8;
 		//Add other details for info
 	}
 	return 0;
diff --git a/urjtag/ChangeLog b/urjtag/ChangeLog
index abe56208..302a9f0e 100644
--- a/urjtag/ChangeLog
+++ b/urjtag/ChangeLog
@@ -2,6 +2,8 @@
 
   * src/flash/amd_flash.c: [ 2821629 ] Can't find flash_info : amd_flash.c
     (MURANAKA Masaki)
+  * src/flash/amd_flash.c: [ 2821646 ] Possible buffer overrun in amd_detect
+    (MURANAKA Masaki)
 
   * src/flash/flash.c, include/urjtag/flash.h:
     [ 2816643 ] Matching arguments of funcion flasherase()
diff --git a/urjtag/src/flash/amd_flash.c b/urjtag/src/flash/amd_flash.c
index e3696cc5..414037f2 100644
--- a/urjtag/src/flash/amd_flash.c
+++ b/urjtag/src/flash/amd_flash.c
@@ -181,9 +181,9 @@ urj_flash_amd_detect (urj_bus_t *bus, uint32_t adr,
             return URJ_STATUS_FAIL;
         }
 
-        cfi->device_geometry.erase_block_regions[i].erase_block_size =
+        cfi->device_geometry.erase_block_regions[0].erase_block_size =
             64 * 1024;
-        cfi->device_geometry.erase_block_regions[i].number_of_erase_blocks =
+        cfi->device_geometry.erase_block_regions[0].number_of_erase_blocks =
             8;
         //Add other details for info
     }