Add buffer validation for nonsecure stdio

Prevents nonsecure code printing secure data
William Vinnicombe 2025-12-05 15:23:11 +00:00
parent 26e397aab2
commit 2c4e1f62f3


@ -504,6 +504,9 @@ int rom_default_callback(uint32_t a, uint32_t b, uint32_t c, uint32_t d, uint32_
switch (fn) { switch (fn) {
#if PICO_ALLOW_NONSECURE_STDIO #if PICO_ALLOW_NONSECURE_STDIO
case SECURE_CALL_stdio_out_chars: { case SECURE_CALL_stdio_out_chars: {
uint32_t ok = RCP_MASK_FALSE;
rom_validate_ns_buffer((char*)a, b, RCP_MASK_TRUE, &ok);
if (ok != RCP_MASK_TRUE) return BOOTROM_ERROR_NOT_PERMITTED;
stdio_put_string((char*)a, b, false, true); stdio_put_string((char*)a, b, false, true);
stdio_flush(); stdio_flush();
return BOOTROM_OK; return BOOTROM_OK;
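Review bot: The new `rom_validate_ns_buffer((char*)a, b, RCP_MASK_TRUE, &ok);` call in the `SECURE_CALL_stdio_out_chars` case appears to request write permission on a buffer that `stdio_put_string` only reads. If the third argument is the RCP "write" flag, as I recall from the pico-sdk declaration (not shown on this page, so please confirm), this is stricter than the stated goal needs and may reject Non-secure buffers that are readable but not writable, such as constant strings in a read-only region. A read-only check would be `rom_validate_ns_buffer((char*)a, b, RCP_MASK_FALSE, &ok);`, which still refuses any range the Non-secure caller cannot itself read. Initialising `ok` to `RCP_MASK_FALSE` and comparing against `RCP_MASK_TRUE` fails closed, which is worth recording in a short comment such as `// fail closed: only print if the whole range [a, a+b) is NS-accessible`. The enclosing `rom_default_callback` starts and ends outside this hunk, so the other cases of the switch could not be checked for the same validation.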