From 493c8cb2ae937fb50c2ce53338c9034c5c6636e5 Mon Sep 17 00:00:00 2001
From: Sandrine Bailleux <sandrine.bailleux@arm.com>
Date: Wed, 19 Mar 2014 16:03:48 +0000
Subject: [PATCH] Fix file_to_uuid() function

This patch fixes a bug in the 'file_to_uuid()' function: it used
to cause an exception by dereferencing a null pointer when
a given UUID was not found in the UUID array. The fix is to delete
the final null entry in the UUID array, which is not needed because
the array is statically declared so its size is known at build time.

Fixes ARM-software/tf-issues#43

Change-Id: I0a003485b88134564c0d36f57c274215d9e16532
---
 drivers/io/io_fip.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/io/io_fip.c b/drivers/io/io_fip.c
index 372537218..1eb76faaa 100644
--- a/drivers/io/io_fip.c
+++ b/drivers/io/io_fip.c
@@ -67,7 +67,6 @@ static plat_fip_name_uuid name_uuid[] = {
 	{BL31_IMAGE_NAME, UUID_EL3_RUNTIME_FIRMWARE_BL31},
 	{BL32_IMAGE_NAME, UUID_SECURE_PAYLOAD_BL32},
 	{BL33_IMAGE_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33},
-	{NULL, {0} }
 };
 
 static const uuid_t uuid_null = {0};
@@ -118,7 +117,7 @@ static int file_to_uuid(const char *filename, uuid_t *uuid)
 	int i;
 	int status = -EINVAL;
 
-	for (i = 0; i < (sizeof(name_uuid)/sizeof(plat_fip_name_uuid)); i++) {
+	for (i = 0; i < (sizeof(name_uuid) / sizeof(name_uuid[0])); i++) {
 		if (strcmp(filename, name_uuid[i].name) == 0) {
 			copy_uuid(uuid, &name_uuid[i].uuid);
 			status = 0;