Fixed invalid endpoint indexes causing memory corruption in device Clear/Set Feature...
[pub/USBasp.git] / Bootloaders / DFU / BootloaderDFU.c
index d7bec1f..71db980 100644 (file)
@@ -1,13 +1,13 @@
 /*
              LUFA Library
 /*
              LUFA Library
-     Copyright (C) Dean Camera, 2010.
+     Copyright (C) Dean Camera, 2016.
 
   dean [at] fourwalledcubicle [dot] com
 
   dean [at] fourwalledcubicle [dot] com
-      www.fourwalledcubicle.com
+           www.lufa-lib.org
 */
 
 /*
 */
 
 /*
-  Copyright 2010  Dean Camera (dean [at] fourwalledcubicle [dot] com)
+  Copyright 2016  Dean Camera (dean [at] fourwalledcubicle [dot] com)
 
   Permission to use, copy, modify, distribute, and sell this
   software and its documentation for any purpose is hereby granted
 
   Permission to use, copy, modify, distribute, and sell this
   software and its documentation for any purpose is hereby granted
@@ -18,7 +18,7 @@
   advertising or publicity pertaining to distribution of the
   software without specific, written prior permission.
 
   advertising or publicity pertaining to distribution of the
   software without specific, written prior permission.
 
-  The author disclaim all warranties with regard to this
+  The author disclaims all warranties with regard to this
   software, including all implied warranties of merchantability
   and fitness.  In no event shall the author be liable for any
   special, indirect or consequential damages or any damages
   software, including all implied warranties of merchantability
   and fitness.  In no event shall the author be liable for any
   special, indirect or consequential damages or any damages
 
 /** Flag to indicate if the bootloader is currently running in secure mode, disallowing memory operations
  *  other than erase. This is initially set to the value set by SECURE_MODE, and cleared by the bootloader
 
 /** Flag to indicate if the bootloader is currently running in secure mode, disallowing memory operations
  *  other than erase. This is initially set to the value set by SECURE_MODE, and cleared by the bootloader
- *  once a memory erase has completed.
+ *  once a memory erase has completed in a bootloader session.
  */
  */
-bool IsSecure      = SECURE_MODE;
+static bool IsSecure = SECURE_MODE;
 
 /** Flag to indicate if the bootloader should be running, or should exit and allow the application code to run
  *  via a soft reset. When cleared, the bootloader will abort, the USB interface will shut down and the application
  *  jumped to via an indirect jump to location 0x0000 (or other location specified by the host).
  */
 
 /** Flag to indicate if the bootloader should be running, or should exit and allow the application code to run
  *  via a soft reset. When cleared, the bootloader will abort, the USB interface will shut down and the application
  *  jumped to via an indirect jump to location 0x0000 (or other location specified by the host).
  */
-bool RunBootloader = true;
+static bool RunBootloader = true;
 
 /** Flag to indicate if the bootloader is waiting to exit. When the host requests the bootloader to exit and
  *  jump to the application address it specifies, it sends two sequential commands which must be properly
  *  acknowledged. Upon reception of the first the RunBootloader flag is cleared and the WaitForExit flag is set,
  *  causing the bootloader to wait for the final exit command before shutting down.
  */
 
 /** Flag to indicate if the bootloader is waiting to exit. When the host requests the bootloader to exit and
  *  jump to the application address it specifies, it sends two sequential commands which must be properly
  *  acknowledged. Upon reception of the first the RunBootloader flag is cleared and the WaitForExit flag is set,
  *  causing the bootloader to wait for the final exit command before shutting down.
  */
-bool WaitForExit = false;
+static bool WaitForExit = false;
 
 /** Current DFU state machine state, one of the values in the DFU_State_t enum. */
 
 /** Current DFU state machine state, one of the values in the DFU_State_t enum. */
-uint8_t DFU_State = dfuIDLE;
+static uint8_t DFU_State = dfuIDLE;
 
 /** Status code of the last executed DFU command. This is set to one of the values in the DFU_Status_t enum after
  *  each operation, and returned to the host when a Get Status DFU request is issued.
  */
 
 /** Status code of the last executed DFU command. This is set to one of the values in the DFU_Status_t enum after
  *  each operation, and returned to the host when a Get Status DFU request is issued.
  */
-uint8_t DFU_Status = OK;
+static uint8_t DFU_Status = OK;
 
 /** Data containing the DFU command sent from the host. */
 
 /** Data containing the DFU command sent from the host. */
-DFU_Command_t SentCommand;
+static DFU_Command_t SentCommand;
 
 /** Response to the last issued Read Data DFU command. Unlike other DFU commands, the read command
  *  requires a single byte response from the bootloader containing the read data when the next DFU_UPLOAD command
  *  is issued by the host.
  */
 
 /** Response to the last issued Read Data DFU command. Unlike other DFU commands, the read command
  *  requires a single byte response from the bootloader containing the read data when the next DFU_UPLOAD command
  *  is issued by the host.
  */
-uint8_t ResponseByte;
+static uint8_t ResponseByte;
 
 /** Pointer to the start of the user application. By default this is 0x0000 (the reset vector), however the host
  *  may specify an alternate address when issuing the application soft-start command.
  */
 
 /** Pointer to the start of the user application. By default this is 0x0000 (the reset vector), however the host
  *  may specify an alternate address when issuing the application soft-start command.
  */
-AppPtr_t AppStartPtr = (AppPtr_t)0x0000;
+static AppPtr_t AppStartPtr = (AppPtr_t)0x0000;
 
 /** 64-bit flash page number. This is concatenated with the current 16-bit address on USB AVRs containing more than
  *  64KB of flash memory.
  */
 
 /** 64-bit flash page number. This is concatenated with the current 16-bit address on USB AVRs containing more than
  *  64KB of flash memory.
  */
-uint8_t Flash64KBPage = 0;
+static uint8_t Flash64KBPage = 0;
 
 /** Memory start address, indicating the current address in the memory being addressed (either FLASH or EEPROM
  *  depending on the issued command from the host).
  */
 
 /** Memory start address, indicating the current address in the memory being addressed (either FLASH or EEPROM
  *  depending on the issued command from the host).
  */
-uint16_t StartAddr = 0x0000;
+static uint16_t StartAddr = 0x0000;
 
 
-/** Memory end address, indicating the end address to read to/write from in the memory being addressed (either FLASH
+/** Memory end address, indicating the end address to read from/write to in the memory being addressed (either FLASH
  *  of EEPROM depending on the issued command from the host).
  */
  *  of EEPROM depending on the issued command from the host).
  */
-uint16_t EndAddr = 0x0000;
+static uint16_t EndAddr = 0x0000;
 
 
+/** Magic lock for forced application start. If the HWBE fuse is programmed and BOOTRST is unprogrammed, the bootloader
+ *  will start if the /HWB line of the AVR is held low and the system is reset. However, if the /HWB line is still held
+ *  low when the application attempts to start via a watchdog reset, the bootloader will re-start. If set to the value
+ *  \ref MAGIC_BOOT_KEY the special init function \ref Application_Jump_Check() will force the application to start.
+ */
+uint16_t MagicBootKey ATTR_NO_INIT;
+
+
+/** Special startup routine to check if the bootloader was started via a watchdog reset, and if the magic application
+ *  start key has been loaded into \ref MagicBootKey. If the bootloader started via the watchdog and the key is valid,
+ *  this will force the user application to start via a software jump.
+ */
+void Application_Jump_Check(void)
+{
+       bool JumpToApplication = false;
+
+       #if (BOARD == BOARD_LEONARDO)
+               /* Enable pull-up on the IO13 pin so we can use it to select the mode */
+               PORTC |= (1 << 7);
+               Delay_MS(10);
+
+               /* If IO13 is not jumpered to ground, start the user application instead */
+               JumpToApplication = ((PINC & (1 << 7)) != 0);
+
+               /* Disable pull-up after the check has completed */
+               PORTC &= ~(1 << 7);
+       #elif ((BOARD == BOARD_XPLAIN) || (BOARD == BOARD_XPLAIN_REV1))
+               /* Disable JTAG debugging */
+               JTAG_DISABLE();
+
+               /* Enable pull-up on the JTAG TCK pin so we can use it to select the mode */
+               PORTF |= (1 << 4);
+               Delay_MS(10);
+
+               /* If the TCK pin is not jumpered to ground, start the user application instead */
+               JumpToApplication = ((PINF & (1 << 4)) != 0);
+
+               /* Re-enable JTAG debugging */
+               JTAG_ENABLE();
+       #else
+               /* Check if the device's BOOTRST fuse is set */
+               if (boot_lock_fuse_bits_get(GET_HIGH_FUSE_BITS) & FUSE_BOOTRST)
+               {
+                       /* If the reset source was not an external reset or the key is correct, clear it and jump to the application */
+                       if (!(MCUSR & (1 << EXTRF)) || (MagicBootKey == MAGIC_BOOT_KEY))
+                         JumpToApplication = true;
+
+                       /* Clear reset source */
+                       MCUSR &= ~(1 << EXTRF);
+               }
+               else
+               {
+                       /* If the reset source was the bootloader and the key is correct, clear it and jump to the application;
+                        * this can happen in the HWBE fuse is set, and the HBE pin is low during the watchdog reset */
+                       if ((MCUSR & (1 << WDRF)) && (MagicBootKey == MAGIC_BOOT_KEY))
+                               JumpToApplication = true;
+
+                       /* Clear reset source */
+                       MCUSR &= ~(1 << WDRF);
+               }
+       #endif
+
+       /* Don't run the user application if the reset vector is blank (no app loaded) */
+       bool ApplicationValid = (pgm_read_word_near(0) != 0xFFFF);
+
+       /* If a request has been made to jump to the user application, honor it */
+       if (JumpToApplication && ApplicationValid)
+       {
+               /* Turn off the watchdog */
+               MCUSR &= ~(1 << WDRF);
+               wdt_disable();
+
+               /* Clear the boot key and jump to the user application */
+               MagicBootKey = 0;
+
+               // cppcheck-suppress constStatement
+               ((void (*)(void))0x0000)();
+       }
+}
 
 /** Main program entry point. This routine configures the hardware required by the bootloader, then continuously
  *  runs the bootloader processing routine until instructed to soft-exit, or hard-reset via the watchdog to start
 
 /** Main program entry point. This routine configures the hardware required by the bootloader, then continuously
  *  runs the bootloader processing routine until instructed to soft-exit, or hard-reset via the watchdog to start
@@ -102,8 +181,11 @@ int main(void)
        /* Configure hardware required by the bootloader */
        SetupHardware();
 
        /* Configure hardware required by the bootloader */
        SetupHardware();
 
+       /* Turn on first LED on the board to indicate that the bootloader has started */
+       LEDs_SetAllLEDs(LEDS_LED1);
+
        /* Enable global interrupts so that the USB stack can function */
        /* Enable global interrupts so that the USB stack can function */
-       sei();
+       GlobalInterruptEnable();
 
        /* Run the USB management task while the bootloader is supposed to be running */
        while (RunBootloader || WaitForExit)
 
        /* Run the USB management task while the bootloader is supposed to be running */
        while (RunBootloader || WaitForExit)
@@ -117,7 +199,7 @@ int main(void)
 }
 
 /** Configures all hardware required for the bootloader. */
 }
 
 /** Configures all hardware required for the bootloader. */
-void SetupHardware(void)
+static void SetupHardware(void)
 {
        /* Disable watchdog if enabled by bootloader/fuses */
        MCUSR &= ~(1 << WDRF);
 {
        /* Disable watchdog if enabled by bootloader/fuses */
        MCUSR &= ~(1 << WDRF);
@@ -130,33 +212,59 @@ void SetupHardware(void)
        MCUCR = (1 << IVCE);
        MCUCR = (1 << IVSEL);
 
        MCUCR = (1 << IVCE);
        MCUCR = (1 << IVSEL);
 
-       /* Initialize the USB subsystem */
+       /* Initialize the USB and other board hardware drivers */
        USB_Init();
        USB_Init();
+       LEDs_Init();
+
+       /* Bootloader active LED toggle timer initialization */
+       TIMSK1 = (1 << TOIE1);
+       TCCR1B = ((1 << CS11) | (1 << CS10));
 }
 
 /** Resets all configured hardware required for the bootloader back to their original states. */
 }
 
 /** Resets all configured hardware required for the bootloader back to their original states. */
-void ResetHardware(void)
+static void ResetHardware(void)
 {
 {
-       /* Shut down the USB subsystem */
-       USB_ShutDown();
+       /* Shut down the USB and other board hardware drivers */
+       USB_Disable();
+       LEDs_Disable();
+
+       /* Disable Bootloader active LED toggle timer */
+       TIMSK1 = 0;
+       TCCR1B = 0;
 
        /* Relocate the interrupt vector table back to the application section */
        MCUCR = (1 << IVCE);
        MCUCR = 0;
 }
 
 
        /* Relocate the interrupt vector table back to the application section */
        MCUCR = (1 << IVCE);
        MCUCR = 0;
 }
 
-/** Event handler for the USB_UnhandledControlRequest event. This is used to catch standard and class specific
- *  control requests that are not handled internally by the USB library (including the DFU commands, which are
- *  all issued via the control endpoint), so that they can be handled appropriately for the application.
+/** ISR to periodically toggle the LEDs on the board to indicate that the bootloader is active. */
+ISR(TIMER1_OVF_vect, ISR_BLOCK)
+{
+       LEDs_ToggleLEDs(LEDS_LED1 | LEDS_LED2);
+}
+
+/** Event handler for the USB_ControlRequest event. This is used to catch and process control requests sent to
+ *  the device from the USB host before passing along unhandled control requests to the library for processing
+ *  internally.
  */
  */
-void EVENT_USB_Device_UnhandledControlRequest(void)
+void EVENT_USB_Device_ControlRequest(void)
 {
 {
+       /* Ignore any requests that aren't directed to the DFU interface */
+       if ((USB_ControlRequest.bmRequestType & (CONTROL_REQTYPE_TYPE | CONTROL_REQTYPE_RECIPIENT)) !=
+           (REQTYPE_CLASS | REQREC_INTERFACE))
+       {
+               return;
+       }
+
+       /* Activity - toggle indicator LEDs */
+       LEDs_ToggleLEDs(LEDS_LED1 | LEDS_LED2);
+
        /* Get the size of the command and data from the wLength value */
        SentCommand.DataSize = USB_ControlRequest.wLength;
 
        switch (USB_ControlRequest.bRequest)
        {
        /* Get the size of the command and data from the wLength value */
        SentCommand.DataSize = USB_ControlRequest.wLength;
 
        switch (USB_ControlRequest.bRequest)
        {
-               case REQ_DFU_DNLOAD:
+               case DFU_REQ_DNLOAD:
                        Endpoint_ClearSETUP();
 
                        /* Check if bootloader is waiting to terminate */
                        Endpoint_ClearSETUP();
 
                        /* Check if bootloader is waiting to terminate */
@@ -179,7 +287,7 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
                                }
 
                                /* First byte of the data stage is the DNLOAD request's command */
                                }
 
                                /* First byte of the data stage is the DNLOAD request's command */
-                               SentCommand.Command = Endpoint_Read_Byte();
+                               SentCommand.Command = Endpoint_Read_8();
 
                                /* One byte of the data stage is the command, so subtract it from the total data bytes */
                                SentCommand.DataSize--;
 
                                /* One byte of the data stage is the command, so subtract it from the total data bytes */
                                SentCommand.DataSize--;
@@ -188,7 +296,7 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
                                for (uint8_t DataByte = 0; (DataByte < sizeof(SentCommand.Data)) &&
                                     Endpoint_BytesInEndpoint(); DataByte++)
                                {
                                for (uint8_t DataByte = 0; (DataByte < sizeof(SentCommand.Data)) &&
                                     Endpoint_BytesInEndpoint(); DataByte++)
                                {
-                                       SentCommand.Data[DataByte] = Endpoint_Read_Byte();
+                                       SentCommand.Data[DataByte] = Endpoint_Read_8();
                                        SentCommand.DataSize--;
                                }
 
                                        SentCommand.DataSize--;
                                }
 
@@ -243,7 +351,7 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
                                                        }
 
                                                        /* Write the next word into the current flash page */
                                                        }
 
                                                        /* Write the next word into the current flash page */
-                                                       boot_page_fill(CurrFlashAddress.Long, Endpoint_Read_Word_LE());
+                                                       boot_page_fill(CurrFlashAddress.Long, Endpoint_Read_16_LE());
 
                                                        /* Adjust counters */
                                                        WordsInFlashPage      += 1;
 
                                                        /* Adjust counters */
                                                        WordsInFlashPage      += 1;
@@ -292,7 +400,7 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
                                                        }
 
                                                        /* Read the byte from the USB interface and write to to the EEPROM */
                                                        }
 
                                                        /* Read the byte from the USB interface and write to to the EEPROM */
-                                                       eeprom_write_byte((uint8_t*)StartAddr, Endpoint_Read_Byte());
+                                                       eeprom_write_byte((uint8_t*)StartAddr, Endpoint_Read_8());
 
                                                        /* Adjust counters */
                                                        StartAddr++;
 
                                                        /* Adjust counters */
                                                        StartAddr++;
@@ -309,7 +417,7 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
                        Endpoint_ClearStatusStage();
 
                        break;
                        Endpoint_ClearStatusStage();
 
                        break;
-               case REQ_DFU_UPLOAD:
+               case DFU_REQ_UPLOAD:
                        Endpoint_ClearSETUP();
 
                        while (!(Endpoint_IsINReady()))
                        Endpoint_ClearSETUP();
 
                        while (!(Endpoint_IsINReady()))
@@ -324,12 +432,12 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
                                {
                                        /* Blank checking is performed in the DFU_DNLOAD request - if we get here we've told the host
                                           that the memory isn't blank, and the host is requesting the first non-blank address */
                                {
                                        /* Blank checking is performed in the DFU_DNLOAD request - if we get here we've told the host
                                           that the memory isn't blank, and the host is requesting the first non-blank address */
-                                       Endpoint_Write_Word_LE(StartAddr);
+                                       Endpoint_Write_16_LE(StartAddr);
                                }
                                else
                                {
                                        /* Idle state upload - send response to last issued command */
                                }
                                else
                                {
                                        /* Idle state upload - send response to last issued command */
-                                       Endpoint_Write_Byte(ResponseByte);
+                                       Endpoint_Write_8(ResponseByte);
                                }
                        }
                        else
                                }
                        }
                        else
@@ -364,9 +472,9 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
 
                                                /* Read the flash word and send it via USB to the host */
                                                #if (FLASHEND > 0xFFFF)
 
                                                /* Read the flash word and send it via USB to the host */
                                                #if (FLASHEND > 0xFFFF)
-                                                       Endpoint_Write_Word_LE(pgm_read_word_far(CurrFlashAddress.Long));
+                                                       Endpoint_Write_16_LE(pgm_read_word_far(CurrFlashAddress.Long));
                                                #else
                                                #else
-                                                       Endpoint_Write_Word_LE(pgm_read_word(CurrFlashAddress.Long));
+                                                       Endpoint_Write_16_LE(pgm_read_word(CurrFlashAddress.Long));
                                                #endif
 
                                                /* Adjust counters */
                                                #endif
 
                                                /* Adjust counters */
@@ -393,7 +501,7 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
                                                }
 
                                                /* Read the EEPROM byte and send it via USB to the host */
                                                }
 
                                                /* Read the EEPROM byte and send it via USB to the host */
-                                               Endpoint_Write_Byte(eeprom_read_byte((uint8_t*)StartAddr));
+                                               Endpoint_Write_8(eeprom_read_byte((uint8_t*)StartAddr));
 
                                                /* Adjust counters */
                                                StartAddr++;
 
                                                /* Adjust counters */
                                                StartAddr++;
@@ -408,27 +516,33 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
 
                        Endpoint_ClearStatusStage();
                        break;
 
                        Endpoint_ClearStatusStage();
                        break;
-               case REQ_DFU_GETSTATUS:
+               case DFU_REQ_GETSTATUS:
                        Endpoint_ClearSETUP();
 
                        Endpoint_ClearSETUP();
 
+                       while (!(Endpoint_IsINReady()))
+                       {
+                               if (USB_DeviceState == DEVICE_STATE_Unattached)
+                                 return;
+                       }
+
                        /* Write 8-bit status value */
                        /* Write 8-bit status value */
-                       Endpoint_Write_Byte(DFU_Status);
+                       Endpoint_Write_8(DFU_Status);
 
                        /* Write 24-bit poll timeout value */
 
                        /* Write 24-bit poll timeout value */
-                       Endpoint_Write_Byte(0);
-                       Endpoint_Write_Word_LE(0);
+                       Endpoint_Write_8(0);
+                       Endpoint_Write_16_LE(0);
 
                        /* Write 8-bit state value */
 
                        /* Write 8-bit state value */
-                       Endpoint_Write_Byte(DFU_State);
+                       Endpoint_Write_8(DFU_State);
 
                        /* Write 8-bit state string ID number */
 
                        /* Write 8-bit state string ID number */
-                       Endpoint_Write_Byte(0);
+                       Endpoint_Write_8(0);
 
                        Endpoint_ClearIN();
 
                        Endpoint_ClearStatusStage();
                        break;
 
                        Endpoint_ClearIN();
 
                        Endpoint_ClearStatusStage();
                        break;
-               case REQ_DFU_CLRSTATUS:
+               case DFU_REQ_CLRSTATUS:
                        Endpoint_ClearSETUP();
 
                        /* Reset the status value variable to the default OK status */
                        Endpoint_ClearSETUP();
 
                        /* Reset the status value variable to the default OK status */
@@ -436,17 +550,23 @@ void EVENT_USB_Device_UnhandledControlRequest(void)
 
                        Endpoint_ClearStatusStage();
                        break;
 
                        Endpoint_ClearStatusStage();
                        break;
-               case REQ_DFU_GETSTATE:
+               case DFU_REQ_GETSTATE:
                        Endpoint_ClearSETUP();
 
                        Endpoint_ClearSETUP();
 
+                       while (!(Endpoint_IsINReady()))
+                       {
+                               if (USB_DeviceState == DEVICE_STATE_Unattached)
+                                 return;
+                       }
+
                        /* Write the current device state to the endpoint */
                        /* Write the current device state to the endpoint */
-                       Endpoint_Write_Byte(DFU_State);
+                       Endpoint_Write_8(DFU_State);
 
                        Endpoint_ClearIN();
 
                        Endpoint_ClearStatusStage();
                        break;
 
                        Endpoint_ClearIN();
 
                        Endpoint_ClearStatusStage();
                        break;
-               case REQ_DFU_ABORT:
+               case DFU_REQ_ABORT:
                        Endpoint_ClearSETUP();
 
                        /* Reset the current state variable to the default idle state */
                        Endpoint_ClearSETUP();
 
                        /* Reset the current state variable to the default idle state */
@@ -479,7 +599,7 @@ static void DiscardFillerBytes(uint8_t NumberOfBytes)
                }
                else
                {
                }
                else
                {
-                       Endpoint_Discard_Byte();
+                       Endpoint_Discard_8();
                }
        }
 }
                }
        }
 }
@@ -599,7 +719,7 @@ static void ProcessMemReadCommand(void)
        {
                uint32_t CurrFlashAddress = 0;
 
        {
                uint32_t CurrFlashAddress = 0;
 
-               while (CurrFlashAddress < BOOT_START_ADDR)
+               while (CurrFlashAddress < (uint32_t)BOOT_START_ADDR)
                {
                        /* Check if the current byte is not blank */
                        #if (FLASHEND > 0xFFFF)
                {
                        /* Check if the current byte is not blank */
                        #if (FLASHEND > 0xFFFF)
@@ -653,13 +773,17 @@ static void ProcessWriteCommand(void)
                {
                        if (SentCommand.Data[1] == 0x00)                                   // Start via watchdog
                        {
                {
                        if (SentCommand.Data[1] == 0x00)                                   // Start via watchdog
                        {
+                               /* Unlock the forced application start mode of the bootloader if it is restarted */
+                               MagicBootKey = MAGIC_BOOT_KEY;
+
                                /* Start the watchdog to reset the AVR once the communications are finalized */
                                wdt_enable(WDTO_250MS);
                        }
                        else                                                               // Start via jump
                        {
                                /* Start the watchdog to reset the AVR once the communications are finalized */
                                wdt_enable(WDTO_250MS);
                        }
                        else                                                               // Start via jump
                        {
-                               /* Set the flag to terminate the bootloader at next opportunity */
-                               RunBootloader = false;
+                               /* Set the flag to terminate the bootloader at next opportunity if a valid application has been loaded */
+                               if (pgm_read_word_near(0) == 0xFFFF)
+                                 RunBootloader = false;
                        }
                }
        }
                        }
                }
        }
@@ -668,7 +792,7 @@ static void ProcessWriteCommand(void)
                uint32_t CurrFlashAddress = 0;
 
                /* Clear the application section of flash */
                uint32_t CurrFlashAddress = 0;
 
                /* Clear the application section of flash */
-               while (CurrFlashAddress < BOOT_START_ADDR)
+               while (CurrFlashAddress < (uint32_t)BOOT_START_ADDR)
                {
                        boot_page_erase(CurrFlashAddress);
                        boot_spm_busy_wait();
                {
                        boot_page_erase(CurrFlashAddress);
                        boot_spm_busy_wait();
@@ -692,13 +816,45 @@ static void ProcessWriteCommand(void)
 static void ProcessReadCommand(void)
 {
        const uint8_t BootloaderInfo[3] = {BOOTLOADER_VERSION, BOOTLOADER_ID_BYTE1, BOOTLOADER_ID_BYTE2};
 static void ProcessReadCommand(void)
 {
        const uint8_t BootloaderInfo[3] = {BOOTLOADER_VERSION, BOOTLOADER_ID_BYTE1, BOOTLOADER_ID_BYTE2};
-       const uint8_t SignatureInfo[3]  = {AVR_SIGNATURE_1,    AVR_SIGNATURE_2,     AVR_SIGNATURE_3};
+       const uint8_t SignatureInfo[4]  = {0x58, AVR_SIGNATURE_1, AVR_SIGNATURE_2, AVR_SIGNATURE_3};
 
 
-       uint8_t DataIndexToRead = SentCommand.Data[1];
+       uint8_t DataIndexToRead    = SentCommand.Data[1];
+       bool    ReadAddressInvalid = false;
 
 
-       if (IS_ONEBYTE_COMMAND(SentCommand.Data, 0x00))                         // Read bootloader info
-         ResponseByte = BootloaderInfo[DataIndexToRead];
+       if (IS_ONEBYTE_COMMAND(SentCommand.Data, 0x00))                        // Read bootloader info
+       {
+               if (DataIndexToRead < 3)
+                 ResponseByte = BootloaderInfo[DataIndexToRead];
+               else
+                 ReadAddressInvalid = true;
+       }
        else if (IS_ONEBYTE_COMMAND(SentCommand.Data, 0x01))                    // Read signature byte
        else if (IS_ONEBYTE_COMMAND(SentCommand.Data, 0x01))                    // Read signature byte
-         ResponseByte = SignatureInfo[DataIndexToRead - 0x30];
+       {
+               switch (DataIndexToRead)
+               {
+                       case 0x30:
+                               ResponseByte = SignatureInfo[0];
+                               break;
+                       case 0x31:
+                               ResponseByte = SignatureInfo[1];
+                               break;
+                       case 0x60:
+                               ResponseByte = SignatureInfo[2];
+                               break;
+                       case 0x61:
+                               ResponseByte = SignatureInfo[3];
+                               break;
+                       default:
+                               ReadAddressInvalid = true;
+                               break;
+               }
+       }
+
+       if (ReadAddressInvalid)
+       {
+               /* Set the state and status variables to indicate the error */
+               DFU_State  = dfuERROR;
+               DFU_Status = errADDRESS;
+       }
 }
 
 }