From 0a0f7bbd6c420448f15e2fe2ef87c1b1ecf852b1 Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Tue, 29 Sep 2020 12:00:41 +0530 Subject: [PATCH] bootloader_support: fix issue in memory mapping for getting app descriptor For getting secure_version field in anti rollback case, bootloader tries to map whole firmware partition but fails for cases where partition size is beyond available MMU free pages capacity. Fix here ensures to map only required length upto application descriptor size in firmware partition. Closes https://github.com/espressif/esp-idf/issues/5911 --- components/bootloader_support/src/bootloader_common.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/components/bootloader_support/src/bootloader_common.c b/components/bootloader_support/src/bootloader_common.c index 297672c23a..ca866e20c6 100644 --- a/components/bootloader_support/src/bootloader_common.c +++ b/components/bootloader_support/src/bootloader_common.c @@ -242,13 +242,15 @@ esp_err_t bootloader_common_get_partition_description(const esp_partition_pos_t return ESP_ERR_INVALID_ARG; } - const uint8_t *image = bootloader_mmap(partition->offset, partition->size); + const uint32_t app_desc_offset = sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t); + const uint32_t mmap_size = app_desc_offset + sizeof(esp_app_desc_t); + const uint8_t *image = bootloader_mmap(partition->offset, mmap_size); if (image == NULL) { - ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, partition->size); + ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", partition->offset, mmap_size); return ESP_FAIL; } - memcpy(app_desc, image + sizeof(esp_image_header_t) + sizeof(esp_image_segment_header_t), sizeof(esp_app_desc_t)); + memcpy(app_desc, image + app_desc_offset, sizeof(esp_app_desc_t)); bootloader_munmap(image); if (app_desc->magic_word != ESP_APP_DESC_MAGIC_WORD) {