From 5ac48e7468eef1fb4280073a382ff94d60c9286c Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Wed, 14 Feb 2024 13:45:11 +0530 Subject: [PATCH] fix(spi_flash): check for safe write address in encrypted flash API --- components/spi_flash/esp_flash_api.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/components/spi_flash/esp_flash_api.c b/components/spi_flash/esp_flash_api.c index 7a29b7da9c..d9bf543920 100644 --- a/components/spi_flash/esp_flash_api.c +++ b/components/spi_flash/esp_flash_api.c @@ -946,11 +946,13 @@ esp_err_t IRAM_ATTR esp_flash_write(esp_flash_t *chip, const void *buffer, uint3 esp_err_t IRAM_ATTR esp_flash_write_encrypted(esp_flash_t *chip, uint32_t address, const void *buffer, uint32_t length) { esp_err_t err = rom_spiflash_api_funcs->chip_check(&chip); + VERIFY_CHIP_OP(write); // Flash encryption only support on main flash. if (chip != esp_flash_default_chip) { return ESP_ERR_NOT_SUPPORTED; } - if (err != ESP_OK) return err; + CHECK_WRITE_ADDRESS(chip, address, length); + if (buffer == NULL || address + length > chip->size) { return ESP_ERR_INVALID_ARG; }