Merge branch 'bugfix/secure_boot_sig_failed_crash' into 'master'

secure boot: Fix crash if signature verification fails in app Closes IDFGH-4376 See merge request espressif/esp-idf!11846
2024-10-05 20:47:46 -04:00 · 2021-01-08 16:23:29 +08:00 · 2021-01-08 16:23:29 +08:00 · c535d569aa
commit c535d569aa
parent 49322be893 a8837aa378
1 changed files with 1 additions and 0 deletions
--- a/components/bootloader_support/src/esp_image_format.c
+++ b/components/bootloader_support/src/esp_image_format.c
@ -235,6 +235,7 @@ static esp_err_t image_load(esp_image_load_mode_t mode, const esp_partition_pos_
            if (true) {
 #endif // end checking for JTAG
                err = verify_secure_boot_signature(sha_handle, data, image_digest, verified_digest);
+                sha_handle = NULL; // verify_secure_boot_signature finishes sha_handle
            }
 #else // SECURE_BOOT_CHECK_SIGNATURE
            // No secure boot, but SHA-256 can be appended for basic corruption detection