From 0167a5e96ddeca80ad6cf61c1a73427da87275c8 Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Tue, 29 Sep 2020 12:00:41 +0530 Subject: [PATCH] bootloader_support: fix issue in memory mapping for getting app descriptor For getting secure_version field in anti rollback case, bootloader tries to map whole firmware partition but fails for cases where partition size is beyond available MMU free pages capacity. Fix here ensures to map only required length upto application descriptor size in firmware partition. Closes https://github.com/espressif/esp-idf/issues/5911 --- components/bootloader_support/src/bootloader_common.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/components/bootloader_support/src/bootloader_common.c b/components/bootloader_support/src/bootloader_common.c index 61d89f67e..bc261109f 100644 --- a/components/bootloader_support/src/bootloader_common.c +++ b/components/bootloader_support/src/bootloader_common.c @@ -247,13 +247,15 @@ esp_err_t bootloader_common_get_partition_description(const esp_partition_pos_t return ESP_ERR_INVALID_ARG; } - const uint8_t *image = bootloader_mmap(partition->offset, partition->size); + const uint32_t app_desc_offset = sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t); + const uint32_t mmap_size = app_desc_offset + sizeof(esp_app_desc_t); + const uint8_t *image = bootloader_mmap(partition->offset, mmap_size); if (image == NULL) { - ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, partition->size); + ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, mmap_size); return ESP_FAIL; } - memcpy(app_desc, image + sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t), sizeof(esp_app_desc_t)); + memcpy(app_desc, image + app_desc_offset, sizeof(esp_app_desc_t)); bootloader_munmap(image); if (app_desc->magic_word != ESP_APP_DESC_MAGIC_WORD) {