function, which is expected to set returned env to NULL upon reaching the end
of the environment list but fails to do so in certain cases. The respective
u-boot code looks like the following (HEAD at the time of this commit):
--- api.c ---
496 static int API_env_enum(va_list ap)
...
510 *next = last;
511
512 for (i = 0; env_get_char(i) != '\0'; i = n + 1) {
513 for (n = i; env_get_char(n) != '\0'; ++n) {
514 if (n >= CONFIG_ENV_SIZE) {
515 /* XXX shouldn't we set *next = NULL?? */
516 return 0;
517 }
518 }
-------------
The net result is that any unfortunate user of the loader's ub_env_enum()
function hitting this condition would be trapped in the infinite loop, as
the main use pattern of ub_env_enum() is basically the following:
while ((env = ub_env_enum(env)) != NULL) { DO STUFF }
Which would stuck forever with the last element.
15e862e33c