From 93aeac97280149f24ce76811fab1a1f0dd425fec Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Tue, 29 Sep 2020 12:00:41 +0530 Subject: [PATCH] bootloader_support: fix issue in memory mapping for getting app descriptor For getting secure_version field in anti rollback case, bootloader tries to map whole firmware partition but fails for cases where partition size is beyond available MMU free pages capacity. Fix here ensures to map only required length upto application descriptor size in firmware partition. Closes https://github.com/espressif/esp-idf/issues/5911 --- components/bootloader_support/src/bootloader_common.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/components/bootloader_support/src/bootloader_common.c b/components/bootloader_support/src/bootloader_common.c index 951c4bc97d..d70ba5f9c0 100644 --- a/components/bootloader_support/src/bootloader_common.c +++ b/components/bootloader_support/src/bootloader_common.c @@ -234,13 +234,15 @@ esp_err_t bootloader_common_get_partition_description(const esp_partition_pos_t return ESP_ERR_INVALID_ARG; } - const uint8_t *image = bootloader_mmap(partition->offset, partition->size); + const uint32_t app_desc_offset = sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t); + const uint32_t mmap_size = app_desc_offset + sizeof(esp_app_desc_t); + const uint8_t *image = bootloader_mmap(partition->offset, mmap_size); if (image == NULL) { - ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, partition->size); + ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, mmap_size); return ESP_FAIL; } - memcpy(app_desc, image + sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t), sizeof(esp_app_desc_t)); + memcpy(app_desc, image + app_desc_offset, sizeof(esp_app_desc_t)); bootloader_munmap(image); if (app_desc->magic_word != ESP_APP_DESC_MAGIC_WORD) {