Commit 2e605191 authored by Thomas Altenbach's avatar Thomas Altenbach Committed by David Brown
Browse files

boot: bootutil: swap-offset: Fix image size check during validation 



When checking the size of an image in bootutil_img_validate, the offset
to the end of the TLV area was used as the image size in all cases.
However, when using swap-offset, the upgrade image is written in the
secondary with an offset. This offset is not part of the image and must
therefore not be taken into account in the image size.

Signed-off-by: default avatarThomas Altenbach <thomas.altenbach@legrand.com>
parent 61d280b9

boot/bootutil/src/image_validate.c

+8 −1
Original line number Diff line number Diff line
@@ -490,6 +490,7 @@ bootutil_img_validate(struct boot_loader_state *state, 
    uint32_t off;

    uint16_t len;

    uint16_t type;

    uint32_t img_sz;

#ifdef EXPECTED_SIG_TLV

    FIH_DECLARE(valid_signature, FIH_FAILURE);

#ifndef MCUBOOT_BUILTIN_KEY
@@ -555,7 +556,13 @@ bootutil_img_validate(struct boot_loader_state *state, 
        goto out;

    }



    if (it.tlv_end > bootutil_max_image_size(state, fap)) {

#ifdef MCUBOOT_SWAP_USING_OFFSET

    img_sz = it.tlv_end - it.start_off;

#else

    img_sz = it.tlv_end;

#endif



    if (img_sz > bootutil_max_image_size(state, fap)) {

        rc = -1;

        goto out;

    }

CRA Git | Maintained and supported by SUSTech CRA and CCSE