usbus/dfu: fix underflow condition while updating firmware #17128
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Contribution description
This PR fixes an underflow condition which can occurs if host sends less than 4 bytes of data during a DFU download operation.
While loading a new firmware through a
DFU_DNLOAD
request, DFU skips theRIOTBOOT_FLASHWRITE_SKIPLEN
bytes as we don't need them in flash. This skip wasn't guarded so if theDFU_DNLOAD
request contains less thanRIOTBOOT_FLASHWRITE_SKIPLEN
bytes, an underflow integer occurs with unexpected behaviour. Thus, add a proper check to prevent this situation from happening by stalling the request if it has less thanRIOTBOOT_FLASHWRITE_SKIPLEN
bytes of data.edit:
The internal DFU state machine was also updated and will now returns dfuERROR in case of failure (underflow or flash write failure) to the host (through GET_STATUS request).
A new request handling was added to clear this error and return to dfuIDLE (CLRSTATUS request).
This way dfu-util safely abort the dfu upgrade procedure and indicate that something was wrong. A new dfu update can be made right after without restarting the device.
Testing procedure
Issues/PRs references
Reported-by @szymonh through the forum, many thanks for his report !