flash_storage: avoid crash if a record size gets corrupted to be less than 6

fallen · fallen · commit c32133b81557 · 2015-05-27T12:56:21.000+02:00
diff --git a/soc/runtime/flash_storage.c b/soc/runtime/flash_storage.c
@@ -61,6 +61,13 @@ static int record_iter_next(struct iter_state *is, struct record *record, int *f
     if(record->size == END_MARKER)
         return 0;
 
+    if(record->size < 6) {
+        printf("flash_storage might be corrupted: record size is %u (<6) at address %08x\n", record->size, record->raw_record);
+        if(fatal)
+            *fatal = 1;
+        return 0;
+    }
+
     if(is->seek > is->buf_len - sizeof(record->size) - 2) { /* 2 is the minimum key length */
         printf("flash_storage might be corrupted: END_MARKER missing at the end of the storage sector\n");
         if(fatal)
