diff options
Diffstat (limited to 'bl2')
-rw-r--r-- | bl2/CMakeLists.txt | 3 | ||||
-rw-r--r-- | bl2/src/flash_map.c | 42 |
2 files changed, 43 insertions, 2 deletions
diff --git a/bl2/CMakeLists.txt b/bl2/CMakeLists.txt index 56cbecc648..bab9901858 100644 --- a/bl2/CMakeLists.txt +++ b/bl2/CMakeLists.txt @@ -1,5 +1,5 @@ #------------------------------------------------------------------------------- -# Copyright (c) 2020, Arm Limited. All rights reserved. +# Copyright (c) 2020-2021, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -25,6 +25,7 @@ set_target_properties(bl2 target_include_directories(bl2 PRIVATE $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include> + $<BUILD_INTERFACE:${MCUBOOT_PATH}/boot/bootutil/src> ) target_link_libraries(bl2 diff --git a/bl2/src/flash_map.c b/bl2/src/flash_map.c index 4286f86e66..ffb04ee370 100644 --- a/bl2/src/flash_map.c +++ b/bl2/src/flash_map.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * Copyright (c) 2019-2021, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -9,6 +9,7 @@ #include "target.h" #include "flash_map/flash_map.h" #include "flash_map_backend/flash_map_backend.h" +#include "bootutil_priv.h" #include "bootutil/bootutil_log.h" #include "Driver_Flash.h" @@ -94,6 +95,30 @@ static const struct flash_area flash_map[] = { static const int flash_map_entry_num = ARRAY_SIZE(flash_map); /* + * Check the target address in the flash_area_xxx operation. + */ +static bool is_range_valid(const struct flash_area *area, + uint32_t off, + uint32_t len) +{ + uint32_t size; + + if (!area) { + return false; + } + + if (!boot_u32_safe_add(&size, off, len)) { + return false; + } + + if (area->fa_size < size) { + return false; + } + + return true; +} + +/* * `open` a flash area. The `area` in this case is not the individual * sectors, but describes the particular flash area in question. */ @@ -125,6 +150,11 @@ int flash_area_read(const struct flash_area *area, uint32_t off, void *dst, uint32_t len) { BOOT_LOG_DBG("read area=%d, off=%#x, len=%#x", area->fa_id, off, len); + + if (!is_range_valid(area, off, len)) { + return -1; + } + return DRV_FLASH_AREA(area)->ReadData(area->fa_off + off, dst, len); } @@ -132,6 +162,11 @@ int flash_area_write(const struct flash_area *area, uint32_t off, const void *src, uint32_t len) { BOOT_LOG_DBG("write area=%d, off=%#x, len=%#x", area->fa_id, off, len); + + if (!is_range_valid(area, off, len)) { + return -1; + } + return DRV_FLASH_AREA(area)->ProgramData(area->fa_off + off, src, len); } @@ -142,6 +177,11 @@ int flash_area_erase(const struct flash_area *area, uint32_t off, uint32_t len) int32_t rc = 0; BOOT_LOG_DBG("erase area=%d, off=%#x, len=%#x", area->fa_id, off, len); + + if (!is_range_valid(area, off, len)) { + return -1; + } + flash_info = DRV_FLASH_AREA(area)->GetInfo(); if (flash_info->sector_info == NULL) { |