alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-09-20 00:36:01 -04:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

secure boot v2: Fix crash if signature verification fails in app

Browse Source 
sha_handle is "finished" when verify_secure_boot_signature() returns and
should be nulled out.

Alternative version of fix submitted in https://github.com/espressif/esp-idf/pull/6210

Closes https://github.com/espressif/esp-idf/pull/6210

Signed-off-by: Angus Gratton <angus@espressif.com>
This commit is contained in:
Morozov-5F 2020-12-31 18:14:50 +11:00 committed by Mahavir Jain
parent 62cc864cbe
commit a8837aa378
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
components/bootloader_support/src/esp_image_format.c
View File

@ -235,6 +235,7 @@ static esp_err_t image_load(esp_image_load_mode_t mode, const esp_partition_pos_
if (true) {
#endif // end checking for JTAG
err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest);
sha_handle = NULL; // verify_secure_boot_signature finishes sha_handle
}
#else // SECURE_BOOT_CHECK_SIGNATURE
// No secure boot, but SHA-256 can be appended for basic corruption detection