Fix flash bounds check

Kevin Thomas
2026-05-09 16:40:32 -04:00
parent 81a746346c
commit 8edeec2bd7
4 changed files with 42 additions and 12 deletions
+12
@@ -34,6 +34,12 @@
#include "pico/stdlib.h"
void flash_driver_write(uint32_t flash_offset, const uint8_t *data, uint32_t len) {
if (data == NULL || flash_offset >= FLASH_DRIVER_SIZE_BYTES) {
return;
}
if (len > FLASH_DRIVER_SIZE_BYTES - flash_offset) {
len = FLASH_DRIVER_SIZE_BYTES - flash_offset;
}
uint32_t ints = save_and_disable_interrupts();
flash_range_erase(flash_offset, FLASH_SECTOR_SIZE);
flash_range_program(flash_offset, data, len);
@@ -41,6 +47,12 @@ void flash_driver_write(uint32_t flash_offset, const uint8_t *data, uint32_t len
}
void flash_driver_read(uint32_t flash_offset, uint8_t *out, uint32_t len) {
if (out == NULL || flash_offset >= FLASH_DRIVER_SIZE_BYTES) {
return;
}
if (len > FLASH_DRIVER_SIZE_BYTES - flash_offset) {
len = FLASH_DRIVER_SIZE_BYTES - flash_offset;
}
const uint8_t *flash_target_contents = (const uint8_t *)(XIP_BASE + flash_offset);
memcpy(out, flash_target_contents, len);
}
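Review bot: In flash_driver_write the new clamp bounds `len` only against FLASH_DRIVER_SIZE_BYTES, while the unchanged `flash_range_erase(flash_offset, FLASH_SECTOR_SIZE)` still erases a single sector, so any `len` above one sector is programmed over flash that was never erased. The sector alignment of `flash_offset` and the page-multiple `len` that the header documents are also not checked; a guard before interrupts are disabled would cover all three, e.g. `if (len == 0 || len > FLASH_SECTOR_SIZE || flash_offset % FLASH_SECTOR_SIZE != 0 || len % FLASH_DRIVER_PAGE_SIZE != 0) return;`. Both functions return void, so a rejected or clamped call looks like a success to the caller; in flash_driver_read a clamped `len` leaves the tail of `out` unwritten, and a status or byte-count return would let callers detect that. Whether FLASH_DRIVER_SIZE_BYTES also covers the region holding the firmware image is not visible here; if it does, a lower bound on `flash_offset` is worth adding. The end of flash_driver_write lies between the two hunks and is not shown.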
+9 -6
@@ -44,13 +44,15 @@
* @brief Erase one 4096-byte sector and write data to on-chip flash
*
* The target address must be aligned to a 4096-byte sector boundary.
* The function disables interrupts, erases the containing sector,
* programs up to @p len bytes from @p data, and re-enables interrupts. The
* The function guards against NULL @p data and out-of-range @p flash_offset,
* returning immediately if either is invalid. If @p len would exceed the
* flash boundary it is clamped to the remaining space. Interrupts are
* disabled for the erase+program sequence and re-enabled on return. The
* write length must be a multiple of FLASH_DRIVER_PAGE_SIZE (256 bytes);
* pad with 0xFF if necessary.
*
* @param flash_offset Byte offset from the start of flash (must be sector-aligned)
* @param data Pointer to the data buffer to write
* @param data Pointer to the data buffer to write (must not be NULL)
* @param len Number of bytes to write (multiple of FLASH_DRIVER_PAGE_SIZE)
*/
void flash_driver_write(uint32_t flash_offset, const uint8_t *data, uint32_t len);
@@ -59,11 +61,12 @@ void flash_driver_write(uint32_t flash_offset, const uint8_t *data, uint32_t len
* @brief Read bytes from on-chip flash via the XIP memory map
*
* Flash is memory-mapped starting at XIP_BASE (0x10000000). This function
* copies @p len bytes beginning at @p flash_offset into @p out using the
* XIP read path, which is always available without erasing.
* guards against NULL @p out and out-of-range @p flash_offset, returning
* immediately if either is invalid. If @p len would exceed the flash
* boundary it is clamped to the remaining space before the memcpy.
*
* @param flash_offset Byte offset from the start of flash
* @param out Pointer to the destination buffer (must be @p len bytes)
* @param out Pointer to the destination buffer (must not be NULL)
* @param len Number of bytes to read
*/
void flash_driver_read(uint32_t flash_offset, uint8_t *out, uint32_t len);
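Review bot: The rewritten `@param out` line drops the old requirement that the buffer hold `len` bytes, although the implementation still copies up to `len` bytes into it with memcpy, so the size contract should stay: `@param out Pointer to the destination buffer (must not be NULL, at least @p len bytes)`. The flash_driver_read description also no longer says that the function copies from `flash_offset` into `out`. It should add that an early return or a clamped read is not reported and leaves part or all of `out` unwritten. For flash_driver_write, the text says `len` is clamped to the remaining flash but only one 4096-byte sector is erased, so the doc should state that `len` must not exceed one sector, e.g. `@param len Number of bytes to write (multiple of FLASH_DRIVER_PAGE_SIZE, at most 4096)`.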