djsundog/circuitpython
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

stm32/storage: Prevent attempts to read/write invalid block addresses.

Browse Source 
A corrupt filesystem may lead to a request for a block which is out of
range of the block device limits.  Return an error instead of passing the
request down to the lower layer.
This commit is contained in:
Andrew Leech 2021-03-05 09:46:14 +11:00 committed by Damien George
parent 680ce45323
commit 59a129f22f
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ports/stm32/storage.c
View File

@ -340,9 +340,13 @@ STATIC mp_obj_t pyb_flash_readblocks(size_t n_args, const mp_obj_t *args) {
else if (self != &pyb_flash_obj) {
// Extended block read on a sub-section of the flash storage
uint32_t offset = mp_obj_get_int(args[3]);
if ((block_num * PYB_FLASH_NATIVE_BLOCK_SIZE) >= self->len) {
ret = -MP_EFAULT; // Bad address
} else {
block_num += self->start / PYB_FLASH_NATIVE_BLOCK_SIZE;
ret = MICROPY_HW_BDEV_READBLOCKS_EXT(bufinfo.buf, block_num, offset, bufinfo.len);
}
}
#endif
return MP_OBJ_NEW_SMALL_INT(ret);
}
@ -363,9 +367,13 @@ STATIC mp_obj_t pyb_flash_writeblocks(size_t n_args, const mp_obj_t *args) {
else if (self != &pyb_flash_obj) {
// Extended block write on a sub-section of the flash storage
uint32_t offset = mp_obj_get_int(args[3]);
if ((block_num * PYB_FLASH_NATIVE_BLOCK_SIZE) >= self->len) {
ret = -MP_EFAULT; // Bad address
} else {
block_num += self->start / PYB_FLASH_NATIVE_BLOCK_SIZE;
ret = MICROPY_HW_BDEV_WRITEBLOCKS_EXT(bufinfo.buf, block_num, offset, bufinfo.len);
}
}
#endif
return MP_OBJ_NEW_SMALL_INT(ret);
}