Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lib: updatehub: Fix out-of-bounds access and add flash_img_init return value check #27223

Merged
merged 2 commits into from
Jul 30, 2020
Merged

lib: updatehub: Fix out-of-bounds access and add flash_img_init return value check #27223

merged 2 commits into from
Jul 30, 2020

Conversation

nandojve
Copy link
Member

The flash_img_int return value is not checked for fail conditions. This can result on useless download attempts once image will not be properly recorded. Add return value check and on error execute default treatment.
Fixes #26992.

The struct pollfd context variable is not proper initialized and index is out-of-bounds. Adjusts index to be inside scope boundary.
Fixes #26993.

CC: @otavio

@nandojve nandojve added the area: OTA Over-the-Air Firmware Upgrade label Jul 29, 2020
ceolin
ceolin reviewed Jul 29, 2020
View reviewed changes
lib/updatehub/updatehub.c Outdated Show resolved Hide resolved
@nandojve
lib: updatehub: Fix out-of-bounds access
7cbe1fe 
The struct pollfd context variable is not proper initialized and index
is out-of-bounds. Adjusts index to be inside scope boundary.

Fixes zephyrproject-rtos#26993.

Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
@nandojve
lib: updatehub: Add flash_img_init return value check
d035a6e 
The flash_img_int return value is not checked for fail conditions.
This can result on useless download attempts once image will not
be properly recorded. Add return value check and on error execute
default treatment.

Fixes zephyrproject-rtos#26992.

Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
@nandojve nandojve force-pushed the topic/uhu-resource-out-of-bound branch from 8abd3ef to d035a6e Compare July 30, 2020 00:57
@jukkar jukkar mentioned this pull request Jul 30, 2020
Merged
@carlescufi carlescufi merged commit 32bafac into zephyrproject-rtos:master Jul 30, 2020
@nandojve nandojve deleted the topic/uhu-resource-out-of-bound branch July 30, 2020 15:25
@nandojve nandojve mentioned this pull request Aug 2, 2020
Merged
This was referenced Aug 30, 2020
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@otavio otavio otavio approved these changes

@ceolin ceolin ceolin approved these changes

@jukkar jukkar jukkar approved these changes

@dleach02 dleach02 Awaiting requested review from dleach02

Assignees
No one assigned
Labels
area: OTA Over-the-Air Firmware Upgrade
Projects
None yet
Milestone
No milestone
5 participants
@nandojve @otavio @ceolin @jukkar @carlescufi