Hi Lukasz,
Can this make it into 2020.07? Thanks,
--Sean
On 4/16/21 5:58 PM, Sean Anderson wrote:
If a chunk was larger than 4GiB, then chunk_data_sz would overflow and blkcnt would not be calculated correctly. Upgrade it to a u64 and cast its multiplicands as well. Also fix bytes_written while we're at it.
Signed-off-by: Sean Anderson sean.anderson@seco.com
lib/image-sparse.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/image-sparse.c b/lib/image-sparse.c index 187ac28cd3..52c8dcc08c 100644 --- a/lib/image-sparse.c +++ b/lib/image-sparse.c @@ -55,10 +55,10 @@ int write_sparse_image(struct sparse_storage *info, lbaint_t blk; lbaint_t blkcnt; lbaint_t blks;
- uint32_t bytes_written = 0;
- uint64_t bytes_written = 0; unsigned int chunk; unsigned int offset;
- unsigned int chunk_data_sz;
- uint64_t chunk_data_sz; uint32_t *fill_buf = NULL; uint32_t fill_val; sparse_header_t *sparse_header;
@@ -132,7 +132,7 @@ int write_sparse_image(struct sparse_storage *info, sizeof(chunk_header_t)); }
chunk_data_sz = sparse_header->blk_sz * chunk_header->chunk_sz;
chunk_data_sz = ((u64)sparse_header->blk_sz) * chunk_header->chunk_sz;@@ -162,7 +162,7 @@ int write_sparse_image(struct sparse_storage *info, return -1; } blk += blks;
bytes_written += blkcnt * info->blksz;
bytes_written += ((u64)blkcnt) * info->blksz; total_blocks += chunk_header->chunk_sz; data += chunk_data_sz; break;@@ -222,7 +222,7 @@ int write_sparse_image(struct sparse_storage *info, blk += blks; i += j; }
bytes_written += blkcnt * info->blksz;
bytes_written += ((u64)blkcnt) * info->blksz; total_blocks += chunk_data_sz / sparse_header->blk_sz; free(fill_buf); break;@@ -253,7 +253,7 @@ int write_sparse_image(struct sparse_storage *info,
debug("Wrote %d blocks, expected to write %d blocks\n", total_blocks, sparse_header->total_blks);
- printf("........ wrote %u bytes to '%s'\n", bytes_written, part_name);
printf("........ wrote %llu bytes to '%s'\n", bytes_written, part_name);
if (total_blocks != sparse_header->total_blks) { info->mssg("sparse image write failure", response);