15e862e33c
function, which is expected to set returned env to NULL upon reaching the end of the environment list but fails to do so in certain cases. The respective u-boot code looks like the following (HEAD at the time of this commit): --- api.c --- 496 static int API_env_enum(va_list ap) ... 510 *next = last; 511 512 for (i = 0; env_get_char(i) != '\0'; i = n + 1) { 513 for (n = i; env_get_char(n) != '\0'; ++n) { 514 if (n >= CONFIG_ENV_SIZE) { 515 /* XXX shouldn't we set *next = NULL?? */ 516 return 0; 517 } 518 } ------------- The net result is that any unfortunate user of the loader's ub_env_enum() function hitting this condition would be trapped in the infinite loop, as the main use pattern of ub_env_enum() is basically the following: while ((env = ub_env_enum(env)) != NULL) { DO STUFF } Which would stuck forever with the last element.