bootutil: loader: Verify image header before checking image

Changes the order of operations to validate the image header before checking the image, it does not make sense to check the image if the header itself is invalid Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
mcu-tools · Aug 22, 2024 · 6e4bb37 · 6e4bb37
1 parent 122dd75
commit 6e4bb37
Showing 1 changed file with 11 additions and 7 deletions.
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
@@ -1028,13 +1028,17 @@ boot_validate_slot(struct boot_loader_state *state, int slot,
  }
  }
 #endif
- BOOT_HOOK_CALL_FIH(boot_image_check_hook, FIH_BOOT_HOOK_REGULAR,
- fih_rc, BOOT_CURR_IMG(state), slot);
- if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR))
- {
- FIH_CALL(boot_image_check, fih_rc, state, hdr, fap, bs);
- }
- if (!boot_is_header_valid(hdr, fap, state) || FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
+ if (!boot_is_header_valid(hdr, fap, state)) {
+ fih_rc = FIH_FAILURE;
+ } else {
+ BOOT_HOOK_CALL_FIH(boot_image_check_hook, FIH_BOOT_HOOK_REGULAR,
+ fih_rc, BOOT_CURR_IMG(state), slot);
+ if (FIH_EQ(fih_rc, FIH_BOOT_HOOK_REGULAR))
+ {
+ FIH_CALL(boot_image_check, fih_rc, state, hdr, fap, bs);
+ }
+ }
+ if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
  if ((slot != BOOT_PRIMARY_SLOT) || ARE_SLOTS_EQUIVALENT()) {
  flash_area_erase(fap, 0, flash_area_get_size(fap));
  /* Image is invalid, erase it to prevent further unnecessary