commit 8af15ebe62e9896503e70678bfa43c3b9b82b4cb
author Patrick Venture <venture@google.com> Wed May 15 09:39:22 2019 -0700
committer Patrick Venture <venture@google.com> Wed May 15 09:39:59 2019 -0700
tree a4d949262af817e87852d7f3f4ad9be0ed2d17e5
parent 699750dedaaad4639ce3c831aed7d897f3572fbe

firmware_handler: prevent writing to verify blob

Prevent writing to the verify blob id.

Signed-off-by: Patrick Venture <venture@google.com>
Change-Id: Id7351e1d32b355dccacd5a9720785949fce20156

firmware_handler.cpp

diff --git a/firmware_handler.cpp b/firmware_handler.cpp
index af3788c..8c9ad43 100644
--- a/firmware_handler.cpp
+++ b/firmware_handler.cpp
@@ -456,9 +456,13 @@
         return false;
     }
 
-    /* TODO: Prevent writing to the verification blob before they trigger
+    /* Prevent writing to the verification blob before they trigger
      * verification.
      */
+    if (item->second->activePath == verifyBlobID)
+    {
+        return false;
+    }
 
     std::vector<std::uint8_t> bytes;