find_last_sector_idx never returning

[lefebvresam]

After calling boot_read_image_header(&state, 0, &hdr, &status); there is a call find_swap_count(state, swap_size); and find_last_sector_idx(state, copy_size); with copy_size = 76040.

This code part is never converging and crashes (line 481 of swap_scratch.c):

    while (1) {
        if ((primary_slot_size < copy_size) ||
            (primary_slot_size < secondary_slot_size)) {
           primary_slot_size += boot_img_sector_size(state,
                                                     BOOT_PRIMARY_SLOT,
                                                     last_sector_idx);
        }
        if ((secondary_slot_size < copy_size) ||
            (secondary_slot_size < primary_slot_size)) {
           secondary_slot_size += boot_img_sector_size(state,
                                                       BOOT_SECONDARY_SLOT,
                                                       last_sector_idx);
        }
        if (primary_slot_size >= copy_size &&
                secondary_slot_size >= copy_size &&
                primary_slot_size == secondary_slot_size) {
            break;
        }
        last_sector_idx++;
    }

It should look more logical that this must be:

        if ((primary_slot_size >= copy_size &&
                secondary_slot_size >= copy_size) ||
                primary_slot_size == secondary_slot_size) {
            break;
        }

Then I have only one iteration:

[INFO][BL]: Booting firmware image at 0x8021000
[INFO][main]: Boot confirmed
boot_read_swap_size
swap_size32 67212
flash_area_close
rc 0
copy_size 67212
primary_slot_size 0
secondary_slot_size 0

primary_slot_size 0
secondary_slot_size 66224890
primary_slot_size 35651584
break
last_sector_idx 1
swap_count 1

The piece of code should better have a check to assert before crashing/hanging.

Reproduction:

git clone [email protected]:saleconix/mcuboot.git
git clone [email protected]:saleconix/mcuboot_app.git