bootloader_support: fix Coverity scan warning

Null pointer dereferences (REVERSE_INULL):

Null-checking "part" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
Mahavir Jain
2021-12-07 09:47:05 +05:30
parent 13978c9556
commit 5cdd3999c7


@@ -127,25 +127,27 @@ static esp_err_t image_load(esp_image_load_mode_t mode, const esp_partition_pos_
uint32_t checksum_word = ESP_ROM_CHECKSUM_INITIAL; uint32_t checksum_word = ESP_ROM_CHECKSUM_INITIAL;
uint32_t *checksum = (do_verify) ? &checksum_word : NULL; uint32_t *checksum = (do_verify) ? &checksum_word : NULL;
bootloader_sha256_handle_t sha_handle = NULL; bootloader_sha256_handle_t sha_handle = NULL;
bool verify_sha;
#if (SECURE_BOOT_CHECK_SIGNATURE == 1) #if (SECURE_BOOT_CHECK_SIGNATURE == 1)
/* used for anti-FI checks */ /* used for anti-FI checks */
uint8_t image_digest[HASH_LEN] = { [ 0 ... 31] = 0xEE }; uint8_t image_digest[HASH_LEN] = { [ 0 ... 31] = 0xEE };
uint8_t verified_digest[HASH_LEN] = { [ 0 ... 31 ] = 0x01 }; uint8_t verified_digest[HASH_LEN] = { [ 0 ... 31 ] = 0x01 };
#endif #endif
#if CONFIG_SECURE_BOOT_V2_ENABLED
// For Secure Boot V2, we do verify signature on bootloader which includes the SHA calculation.
bool verify_sha = do_verify;
#else // Secure boot not enabled
// For secure boot V1 on ESP32, we don't calculate SHA or verify signature on bootloaders.
// (For non-secure boot, we don't verify any SHA-256 hash appended to the bootloader because
// esptool.py may have rewritten the header - rely on esptool.py having verified the bootloader at flashing time, instead.)
bool verify_sha = (part->offset != ESP_BOOTLOADER_OFFSET) && do_verify;
#endif
if (data == NULL || part == NULL) { if (data == NULL || part == NULL) {
return ESP_ERR_INVALID_ARG; return ESP_ERR_INVALID_ARG;
} }
#if CONFIG_SECURE_BOOT_V2_ENABLED
// For Secure Boot V2, we do verify signature on bootloader which includes the SHA calculation.
verify_sha = do_verify;
#else // Secure boot not enabled
// For secure boot V1 on ESP32, we don't calculate SHA or verify signature on bootloaders.
// (For non-secure boot, we don't verify any SHA-256 hash appended to the bootloader because
// esptool.py may have rewritten the header - rely on esptool.py having verified the bootloader at flashing time, instead.)
verify_sha = (part->offset != ESP_BOOTLOADER_OFFSET) && do_verify;
#endif
if (part->size > SIXTEEN_MB) { if (part->size > SIXTEEN_MB) {
err = ESP_ERR_INVALID_ARG; err = ESP_ERR_INVALID_ARG;
FAIL_LOAD("partition size 0x%x invalid, larger than 16MB", part->size); FAIL_LOAD("partition size 0x%x invalid, larger than 16MB", part->size);
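Review bot: `bool verify_sha;` is now declared without an initializer and only assigned after the `data == NULL || part == NULL` guard, so the flag that decides whether the image hash is checked is indeterminate for that stretch. Nothing reads it there today, since the only exit in between is the early `return ESP_ERR_INVALID_ARG;`, but a later edit that adds a FAIL_LOAD or other jump above the assignment would use an undefined value. Giving it a defined start value at the declaration, e.g. `bool verify_sha = false;`, removes that dependency on statement order; whether a fail-closed default would be preferable depends on how `verify_sha` is consumed further down, which is outside this hunk. Separately, the moved comment `#else // Secure boot not enabled` does not match the branch it labels, which per the next comment line also covers Secure Boot V1; `#else // Secure Boot V1, or secure boot not enabled` would be accurate. image_load's body starts and ends outside the hunk.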