dfucore: Reject erase outside the allowed range

An illegal erase request may get emitted as the DFU program may erase first. Checking before flashing is not enough.
2020-03-19 17:43:06 +01:00 · 2020-03-19 17:43:06 +01:00 · 2b76ec0ea3
parent a7efe7cc14
commit 2b76ec0ea3
1 changed files with 6 additions and 1 deletions
--- a/src/platforms/stm32/dfucore.c
+++ b/src/platforms/stm32/dfucore.c
@ -176,9 +176,14 @@ usbdfu_getstatus_complete(usbd_device *dev, struct usb_setup_data *req)

 		flash_unlock();
 		if(prog.blocknum == 0) {
-			int32_t addr = get_le32(prog.buf + 1);
+			uint32_t addr = get_le32(prog.buf + 1);
 			switch(prog.buf[0]) {
 			case CMD_ERASE:
+				if ((addr <  app_address) || (addr >= max_address)) {
+					usbdfu_state = 	STATE_DFU_ERROR;
+					flash_lock();
+					return;
+				}
 				dfu_check_and_do_sector_erase(addr);
 			}
 		} else {