From 95c35e9b6e98076db90a9aa0e10aac08bd93e0ab Mon Sep 17 00:00:00 2001
From: Archit Gupta <archigup@amazon.com>
Date: Fri, 5 Jul 2024 16:14:29 -0700
Subject: [PATCH 1/2] Add missing error check

In FF_Write a loop is used to write remaining blocks, and breaks are
used to terminate on error. However, these breaks intended to break the
containing do-while. As they do not, on error from FF_BlockWrite,
control would get passed to after the loop, FF_SetCluster would clear
the error, and FF_WritePartial would be called with ulBytesLeft greater
than block size, which is invalid and causes out of bounds memory
writes.

This is fixed by checking the error after the loop and breaking again.
---
 ff_file.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ff_file.c b/ff_file.c
index 87bb31e..fbae1da 100644
--- a/ff_file.c
+++ b/ff_file.c
@@ -2447,6 +2447,11 @@ int32_t FF_Write( FF_FILE * pxFile,
                 }
             }
 
+            if( FF_isERR( xError ) )
+            {
+                break;
+            }
+
             /*---------- Write (memcpy) Remaining Bytes */
             if( ulBytesLeft == 0 )
             {

From c63840185d4d5550173de4d7cbff58229a017a76 Mon Sep 17 00:00:00 2001
From: Archit Gupta <archigup@amazon.com>
Date: Fri, 5 Jul 2024 16:34:00 -0700
Subject: [PATCH 2/2] Fix spelling of persistence

---
 ff_ioman.c         | 8 ++++----
 include/ff_ioman.h | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/ff_ioman.c b/ff_ioman.c
index a2d7b1c..b0662f7 100644
--- a/ff_ioman.c
+++ b/ff_ioman.c
@@ -419,7 +419,7 @@ FF_Buffer_t * FF_GetBuffer( FF_IOManager_t * pxIOManager,
             if( ( ucMode == FF_MODE_READ ) && ( pxMatchingBuffer->ucMode == FF_MODE_READ ) )
             {
                 pxMatchingBuffer->usNumHandles += 1;
-                pxMatchingBuffer->usPersistance += 1;
+                pxMatchingBuffer->usPersistence += 1;
                 break;
             }
 
@@ -435,7 +435,7 @@ FF_Buffer_t * FF_GetBuffer( FF_IOManager_t * pxIOManager,
                 }
 
                 pxMatchingBuffer->usNumHandles = 1;
-                pxMatchingBuffer->usPersistance += 1;
+                pxMatchingBuffer->usPersistence += 1;
                 break;
             }
 
@@ -459,7 +459,7 @@ FF_Buffer_t * FF_GetBuffer( FF_IOManager_t * pxIOManager,
 
                 if( ( pxRLUBuffer == NULL ) ||
                     ( pxBuffer->ulLRU > pxRLUBuffer->ulLRU ) ||
-                    ( ( pxBuffer->ulLRU == pxRLUBuffer->ulLRU ) && ( pxBuffer->usPersistance > pxRLUBuffer->usPersistance ) ) )
+                    ( ( pxBuffer->ulLRU == pxRLUBuffer->ulLRU ) && ( pxBuffer->usPersistence > pxRLUBuffer->usPersistence ) ) )
                 {
                     pxRLUBuffer = pxBuffer;
                 }
@@ -497,7 +497,7 @@ FF_Buffer_t * FF_GetBuffer( FF_IOManager_t * pxIOManager,
                 }
 
                 pxRLUBuffer->ucMode = ( ucMode & FF_MODE_RD_WR );
-                pxRLUBuffer->usPersistance = 1;
+                pxRLUBuffer->usPersistence = 1;
                 pxRLUBuffer->ulLRU = 0;
                 pxRLUBuffer->usNumHandles = 1;
                 pxRLUBuffer->ulSector = ulSector;
diff --git a/include/ff_ioman.h b/include/ff_ioman.h
index 103b279..b324d87 100644
--- a/include/ff_ioman.h
+++ b/include/ff_ioman.h
@@ -213,7 +213,7 @@
                  bModified : 1, /* If the sector was modified since read. */
                  bValid : 1;    /* Initially FALSE. */
         uint16_t usNumHandles;  /* Number of objects using this buffer. */
-        uint16_t usPersistance; /* For the persistance algorithm. */
+        uint16_t usPersistence; /* For the persistence algorithm. */
     } FF_Buffer_t;
 
     typedef struct