Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Checksum against truncated / corrupted avm files #1260

Open
bettio opened this issue Sep 8, 2024 · 2 comments
Open

Checksum against truncated / corrupted avm files #1260

bettio opened this issue Sep 8, 2024 · 2 comments
Labels
enhancement

Comments

@bettio
Copy link
Collaborator

bettio commented Sep 8, 2024

There is no easy way to know if a .avm file is truncated or overwritten with other data.
When this kind of issues happen they might be really annoying to debug.
So .avm structure and content should be checked for integrity.

There are 2 possible options:

  • iterate all .avm sections checking for consistency (and maybe for an end-of-avm section)
  • add a checksum at the end of the AVM pack and verify it
@UncleGrumpy
Copy link
Collaborator

I love the idea of adding a checksum for verification. This will make verifying updates over OTA much more reliable.

@pguyot
Copy link
Collaborator

pguyot commented Sep 10, 2024

Something that popped out at work (not that we're using AtomVM, though) is the ability to cryptographically verify firmware signatures before applying OTA updates.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bettio @pguyot @UncleGrumpy