From f7f81c33f7f270f55f1a424cf63041bc1de4cef0 Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Tue, 29 Sep 2020 12:00:41 +0530 Subject: [PATCH] bootloader_support: fix issue in memory mapping for getting app descriptor For getting secure_version field in anti rollback case, bootloader tries to map whole firmware partition but fails for cases where partition size is beyond available MMU free pages capacity. Fix here ensures to map only required length upto application descriptor size in firmware partition. Closes https://github.com/espressif/esp-idf/issues/5911 --- components/bootloader_support/src/bootloader_common.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/components/bootloader_support/src/bootloader_common.c b/components/bootloader_support/src/bootloader_common.c index 248e0e1b55..5b6baeb56f 100644 --- a/components/bootloader_support/src/bootloader_common.c +++ b/components/bootloader_support/src/bootloader_common.c @@ -234,13 +234,15 @@ esp_err_t bootloader_common_get_partition_description(const esp_partition_pos_t return ESP_ERR_INVALID_ARG; } - const uint8_t *image = bootloader_mmap(partition->offset, partition->size); + const uint32_t app_desc_offset = sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t); + const uint32_t mmap_size = app_desc_offset + sizeof(esp_app_desc_t); + const uint8_t *image = bootloader_mmap(partition->offset, mmap_size); if (image == NULL) { - ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, partition->size); + ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, mmap_size); return ESP_FAIL; } - memcpy(app_desc, image + sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t), sizeof(esp_app_desc_t)); + memcpy(app_desc, image + app_desc_offset, sizeof(esp_app_desc_t)); bootloader_munmap(image); if (app_desc->magic_word != ESP_APP_DESC_MAGIC_WORD) {