Addressed another round of copilot comments

Author: danielinux

src/libwolfboot.c

@@ -1401,8 +1401,7 @@ int wolfBoot_dualboot_candidate(void)
 
         if (fallback_v < candidate_v) {
             wolfBoot_printf("Rollback to lower version not allowed\n");
-            wolfBoot_erase_partition(candidate);
-            return -1;
+            return candidate;
         }
 #endif
         wolfBoot_erase_partition(candidate);

src/update_disk.c

@@ -253,6 +253,7 @@ void RAMFUNCTION wolfBoot_start(void)
 #endif
     struct wolfBoot_image os_image;
     int pA_ver = 0, pB_ver = 0;
+    uint32_t pA_ver_u = 0U, pB_ver_u = 0U;
     uint32_t cur_part = 0;
     int ret = -1;
     int selected;
@@ -346,11 +347,16 @@ void RAMFUNCTION wolfBoot_start(void)
         wolfBoot_panic();
     }
 
-    wolfBoot_printf("Versions, A:%u B:%u\r\n", pA_ver, pB_ver);
-    max_ver = (pB_ver > pA_ver) ? (uint32_t)pB_ver : (uint32_t)pA_ver;
+    if (pA_ver > 0)
+        pA_ver_u = (uint32_t)pA_ver;
+    if (pB_ver > 0)
+        pB_ver_u = (uint32_t)pB_ver;
+
+    wolfBoot_printf("Versions, A:%u B:%u\r\n", pA_ver_u, pB_ver_u);
+    max_ver = (pB_ver_u > pA_ver_u) ? pB_ver_u : pA_ver_u;
 
     /* Choose partition with higher version */
-    selected = (pB_ver > pA_ver) ? 1: 0;
+    selected = (pB_ver_u > pA_ver_u) ? 1 : 0;
 
 #ifdef WOLFBOOT_FSP
     stage2_params = stage2_get_parameters();
@@ -372,7 +378,7 @@ void RAMFUNCTION wolfBoot_start(void)
             cur_part = BOOT_PART_A;
 #ifndef ALLOW_DOWNGRADE
         {
-            uint32_t cur_ver = selected ? (uint32_t)pB_ver : (uint32_t)pA_ver;
+            uint32_t cur_ver = selected ? pB_ver_u : pA_ver_u;
             if ((max_ver > 0U) && (cur_ver < max_ver)) {
                 wolfBoot_printf("Rollback to lower version not allowed\r\n");
                 wolfBoot_panic();

src/update_ram.c

@@ -143,7 +143,7 @@ void RAMFUNCTION wolfBoot_start(void)
     int update_v_raw = (int)wolfBoot_update_firmware_version();
     uint32_t boot_v = 0U;
     uint32_t update_v = 0U;
-    uint32_t max_v = (boot_v > update_v) ? boot_v : update_v;
+    uint32_t max_v = 0U;
 
     if (boot_v_raw >= 0)
         boot_v = (uint32_t)boot_v_raw;

tools/unit-tests/unit-update-ram-nofixed.c

@@ -27,7 +27,7 @@ static __thread unsigned char
 #define WOLFBOOT_LOAD_ADDRESS (((uintptr_t)wolfboot_ram) + IMAGE_HEADER_SIZE)
 #define TEST_SIZE_SMALL 5300
 #define DIGEST_TLV_OFF_IN_HDR 28
-#define STAGE_ADDR_SENTINEL ((uintptr_t)0xFFFFFFFFu)
+#define STAGE_ADDR_SENTINEL UINTPTR_MAX
 
 #include "user_settings.h"
 #include "wolfboot/wolfboot.h"
@@ -53,7 +53,8 @@ int wolfBoot_dualboot_candidate_addr(void** addr)
 #include <wolfssl/wolfcrypt/sha256.h>
 
 int wolfBoot_staged_ok = 0;
-const uint32_t *wolfBoot_stage_address = (uint32_t *)0xFFFFFFFF;
+const uint32_t *wolfBoot_stage_address =
+    (const uint32_t *)(uintptr_t)STAGE_ADDR_SENTINEL;
 
 void* hal_get_primary_address(void)
 {

tools/unit-tests/unit-update-ram.c

@@ -433,8 +433,9 @@ START_TEST (test_emergency_rollback_to_older_version_denied) {
     ext_flash_lock();
 
     wolfBoot_start();
-    ck_assert(!wolfBoot_staged_ok);
-    ck_assert_int_eq(wolfBoot_panicked, 1);
+    ck_assert(wolfBoot_staged_ok);
+    ck_assert_int_eq(get_version_ramloaded(), 2);
+    ck_assert_int_eq(wolfBoot_panicked, 0);
     cleanup_flash();
 }
 
@@ -453,8 +454,8 @@ START_TEST (test_dualboot_candidate_rejects_testing_rollback_to_lower_version) {
     ext_flash_lock();
 
     candidate = wolfBoot_dualboot_candidate();
-    ck_assert_int_eq(candidate, -1);
-    ck_assert_uint_eq(wolfBoot_current_firmware_version(), 0U);
+    ck_assert_int_eq(candidate, PART_BOOT);
+    ck_assert_uint_eq(wolfBoot_current_firmware_version(), 2U);
     cleanup_flash();
 }