Flash_Read_Data() and Flash_Write_Data() access memory out of range #3
Comments
rescue1
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
rescue1
changed the title
https://github.com/controllerstech/STM32/blob/master/FLASH_PROGRAM/F1%20SERIES/FlASH_PAGE_F1.c
ISSUE:
Flash_Read_Data (uint32_t StartPageAddress, uint32_t *RxBuf, uint16_t numberofwords) reads one more words than expected.
For example, if I am about to read 4 words, this function returns after it reads the fifth words. If the memory is allocated is only 4 words, then access out of memory boundary exception will occur.
Flash_Write_Data (uint32_t StartPageAddress, uint32_t *Data, uint16_t numberofwords) may erase one more page when numberofwords is the right size of a whole page.
If I am going to wite 2048 bytes into page 32, which is starting from 32x2048=0x08010000 to 33x2048-1=0x08017FFF, this function may erase page 32 and page 33 then write the data to page 32 only. Page 33 is just erased only as a collateral operation.
MY FIX FOR Flash_Read_Data:
Flash_Read_Data (uint32_t StartPageAddress, uint32_t *RxBuf, uint16_t numberofwords)
void Flash_Read_Data (uint32_t StartPageAddress, uint32_t *RxBuf, uint16_t numberofwords)
{
if(!numberofwords){ return; }
while (1)
{
*RxBuf = *(__IO uint32_t *)StartPageAddress;
StartPageAddress += 4;
RxBuf++;
numberofwords--;
if (!(numberofwords)){ break; }
}
}
MY FIX FOR Flash_Write_Data:
Flash_Write_Data (uint32_t StartPageAddress, uint32_t *Data, uint16_t numberofwords)
uint32_t EndPageAdress = StartPageAddress + numberofwords*4 - 1;
ADDITIONAL:
Found similar problems in F4 flash drivers. Fix is about the same.
The text was updated successfully, but these errors were encountered: