From 284f9c6ee88476812be26b5c58d3efd09ccaa79b Mon Sep 17 00:00:00 2001
From: robert h <robert@hammelrath.com>
Date: Thu, 6 Sep 2018 15:10:52 +0200
Subject: [PATCH] ftp/updater.x: Add checks for proper use.

---
 esp32/ftp/updater.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/esp32/ftp/updater.c b/esp32/ftp/updater.c
index 41e9629188..29b57950bc 100644
--- a/esp32/ftp/updater.c
+++ b/esp32/ftp/updater.c
@@ -123,6 +123,14 @@ bool updater_write (uint8_t *buf, uint32_t len) {
 
     // the actual writing into flash, not-encrypted,
     // because it already came encrypted from OTA server
+    if (updater_data.offset == 0) {
+        ESP_LOGE(TAG, "OTA start not called\n");
+        return false;
+    }
+    if ((boot_info.size + len) > IMG_SIZE) {
+        ESP_LOGE(TAG, "OTA write attempt > partition\n");
+        return false;
+    }
     if (ESP_OK != updater_spi_flash_write(updater_data.offset, (void *)buf, len, false)) {
         ESP_LOGE(TAG, "SPI flash write failed\n");
         return false;
@@ -132,7 +140,8 @@ bool updater_write (uint8_t *buf, uint32_t len) {
     updater_data.current_chunk += len;
     boot_info.size += len;
 
-    if (updater_data.current_chunk >= SPI_FLASH_SEC_SIZE) {
+    if ((updater_data.current_chunk >= SPI_FLASH_SEC_SIZE) &&
+        (boot_info.size <= (IMG_SIZE - SPI_FLASH_SEC_SIZE))) {
         updater_data.current_chunk -= SPI_FLASH_SEC_SIZE;
         // erase the next sector
         if (ESP_OK != spi_flash_erase_sector((updater_data.offset + SPI_FLASH_SEC_SIZE) / SPI_FLASH_SEC_SIZE)) {

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/pycom/pycom-micropython-sigfox/pull/208.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/pycom/pycom-micropython-sigfox/pull/208.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/pycom/pycom-micropython-sigfox/pull/208.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/pycom/pycom-micropython-sigfox/pull/208.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>