platform: template: Add input validation to otp_nv_counters_backend
Check that erases do not go beyond the TFM_OTP_NV_COUNTERS_AREA.
This is an indirect input-validation for offset.
Change-Id: I9b226cd11d770c7532d87ac748ded43860c1e926
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
diff --git a/platform/ext/common/template/flash_otp_nv_counters_backend.c b/platform/ext/common/template/flash_otp_nv_counters_backend.c
index 4b77cae..b529d21 100644
--- a/platform/ext/common/template/flash_otp_nv_counters_backend.c
+++ b/platform/ext/common/template/flash_otp_nv_counters_backend.c
@@ -314,6 +314,11 @@
DriverCapabilities = OTP_NV_COUNTERS_FLASH_DEV.GetCapabilities();
data_width = data_width_byte[DriverCapabilities.data_width];
+ if (end > TFM_OTP_NV_COUNTERS_AREA_SIZE) {
+ /* Erase is beyond the TFM_OTP_NV_COUNTERS_AREA */
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+
/* If it's not part of the sectors that are being erased, first erase the
* sector with the is_valid flag.
*/
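Review bot: The new `end > TFM_OTP_NV_COUNTERS_AREA_SIZE` check only bounds the erase if `end` itself cannot wrap, and the computation of `end` is not visible in this hunk. If `end` is derived from the offset plus a length in an unsigned type, a large enough offset could wrap to a small `end` and pass this comparison. The commit message describes this as indirect validation of the offset, so it would be safer to also validate the offset directly, rejecting an offset above `TFM_OTP_NV_COUNTERS_AREA_SIZE` and a length above the area size minus the offset, before `end` is used. Two smaller points: the check does not depend on `DriverCapabilities` or `data_width`, so it could sit before the `GetCapabilities()` call and fail early; and returning `TFM_PLAT_ERR_SYSTEM_ERR` makes an out-of-range request indistinguishable from a driver failure, so an invalid-input error code would be clearer for callers if the platform error enum provides one.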