Skip to content

Backport 89351 to v4.1 branch: Fix operation bounds check for Flash Map API #89351 #93507

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 24, 2025
Merged

Backport 89351 to v4.1 branch: Fix operation bounds check for Flash Map API #89351 #93507

merged 1 commit into from
Jul 24, 2025

Conversation

de-nordic
Copy link
Contributor

@de-nordic de-nordic commented Jul 22, 2025
edited
Loading

All functions area using is_in_flash_area_bounds for checking parameters; the function was not immune to integer overflow.
The PR fixes the function and adds test scenario for overflows.

Fixes #89349

@de-nordic
storage/flash_map: Fix is_in_flash_area_bounds
5e2e381 
Prevent possible overflow in is_in_flash_area_bounds while
validating offset and length of an operation.

Fixes #89349

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
(cherry picked from commit 3d4b427)
@zephyrbot zephyrbot added the area: Storage Storage subsystem label Jul 22, 2025
@de-nordic de-nordic force-pushed the backport-89351-to-v4.1-branch branch from d60e223 to 5e2e381 Compare July 22, 2025 13:08
@zephyrbot zephyrbot added the size: XS A PR changing only a single line of code label Jul 22, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@de-nordic de-nordic requested review from kartben and nashif July 23, 2025 06:26
@kartben kartben requested a review from fabiobaltieri July 23, 2025 13:06
@dkalowsk dkalowsk added this to the v4.1.1 milestone Jul 23, 2025
@fabiobaltieri fabiobaltieri merged commit 2f3c4c0 into v4.1-branch Jul 24, 2025
25 checks passed
@fabiobaltieri fabiobaltieri deleted the backport-89351-to-v4.1-branch branch July 24, 2025 16:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kartben kartben kartben approved these changes

@fabiobaltieri fabiobaltieri fabiobaltieri approved these changes

@nashif nashif Awaiting requested review from nashif

Assignees
No one assigned
Labels
area: Storage Storage subsystem size: XS A PR changing only a single line of code
Projects
None yet
Milestone
v4.1.1
Development

Successfully merging this pull request may close these issues.
5 participants
@de-nordic @kartben @fabiobaltieri @dkalowsk @zephyrbot