From 91759aba95434991955b407470fe426bd40bdc9b Mon Sep 17 00:00:00 2001
From: CTCaer
Date: Fri, 17 Jan 2020 09:35:16 +0200
Subject: [PATCH] r2p/update: Fix check for the 'if not forced' case

This fixes the following case: When force is 0 and the payload is not hekate, the function jumps to the 'is old' check. This skips the is magic value check and only does the version check. In case the foreign payload has a low value on that offset, it causes an overwrite which is unneeded.
---
 bootloader/main.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/bootloader/main.c b/bootloader/main.c
index 80dfeb5..2bc4cb2 100644
--- a/bootloader/main.c
+++ b/bootloader/main.c
@@ -256,14 +256,17 @@ bool is_ipl_updated(void *buf, char *path, bool force)
 {
 ipl_ver_meta_t *update_ft = (ipl_ver_meta_t *)(buf + PATCHED_RELOC_SZ + sizeof(boot_cfg_t));
+ bool magic_valid = update_ft->magic == ipl_ver.magic;
+ bool force_update = force && !magic_valid;
+ bool is_valid_old = magic_valid && (byte_swap_32(update_ft->version) < byte_swap_32(ipl_ver.version));
+
 // Check if newer version.
- if (!force && (update_ft->magic == ipl_ver.magic))
+ if (!force && magic_valid)
 if (byte_swap_32(update_ft->version) > byte_swap_32(ipl_ver.version))
 return false;
 // Update if old or broken.
- if ((force && (update_ft->magic != ipl_ver.magic)) ||
- (byte_swap_32(update_ft->version) < byte_swap_32(ipl_ver.version)))
+ if (force_update || is_valid_old)
 {
 FIL fp;
 volatile reloc_meta_t *reloc = (reloc_meta_t *)(IPL_LOAD_ADDR + RELOC_META_OFF);
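Review bot: The new `magic_valid` and `is_valid_old` initialisers at the top of `is_ipl_updated` read `update_ft->magic` and `update_ft->version` at a fixed offset into `buf`, but the function takes no length, so nothing in this hunk shows that a foreign payload is at least `PATCHED_RELOC_SZ + sizeof(boot_cfg_t) + sizeof(ipl_ver_meta_t)` bytes long. For a shorter file the comparison would run on whatever bytes follow the file data in the buffer, and per the commit message that comparison is what decides whether an overwrite happens. If the caller already checks the file size, state that contract above the function, e.g. `// buf must hold at least PATCHED_RELOC_SZ + sizeof(boot_cfg_t) + sizeof(ipl_ver_meta_t) bytes.`; otherwise the size check belongs in the caller before this call, since the signature cannot carry it. The function body continues past the end of the hunk, so the write path itself is not visible here.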