From 53158e51d01ed3994a743c3b55dbd197a7f62dc7 Mon Sep 17 00:00:00 2001
From: xunchang
Date: Thu, 17 Jan 2019 09:26:12 -0800
Subject: [PATCH] Fix potential size overflow in blockimg.cpp
Switch to 64 bit integers since the size of the entire src/tgt images may not fit in size_t of ILP32. There are other theoretical overflow cases in memory allocation and I/O functions. However, they reside within a single transfer command and are less likely to happen. I will evaluate and address them in separate cls.
Test: unit tests pass
Bug: 122461124
Change-Id: Ib719ee695920877458fcfaa25c6ac058a5bbabf2
---
 updater/blockimg.cpp | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp
index 6e5d5bb5..07c3c7b5 100644
--- a/updater/blockimg.cpp
+++ b/updater/blockimg.cpp
@@ -1525,7 +1525,7 @@ static int PerformCommandComputeHashTree(CommandParameters& params) {
 // Starts the hash_tree computation.
 HashTreeBuilder builder(BLOCKSIZE, hash_function);
- if (!builder.Initialize(source_ranges.blocks() * BLOCKSIZE, salt)) {
+ if (!builder.Initialize(static_cast(source_ranges.blocks()) * BLOCKSIZE, salt)) {
 LOG(ERROR) << "Failed to initialize hash tree computation, source " << source_ranges.ToString() << ", salt " << salt_hex;
 return -1;
@@ -1915,8 +1915,10 @@ pbiudone:
 const char* partition = strrchr(blockdev_filename->data.c_str(), '/');
 if (partition != nullptr && *(partition + 1) != 0) {
- fprintf(cmd_pipe, "log bytes_written_%s: %zu\n", partition + 1, params.written * BLOCKSIZE);
- fprintf(cmd_pipe, "log bytes_stashed_%s: %zu\n", partition + 1, params.stashed * BLOCKSIZE);
+ fprintf(cmd_pipe, "log bytes_written_%s: %" PRIu64 "\n", partition + 1,
+ static_cast(params.written) * BLOCKSIZE);
+ fprintf(cmd_pipe, "log bytes_stashed_%s: %" PRIu64 "\n", partition + 1,
+ static_cast(params.stashed) * BLOCKSIZE);
 fflush(cmd_pipe);
 }
 // Delete stash only after successfully completing the update, as it may contain blocks needed
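Review bot: The widened product passed to `builder.Initialize(...)` in PerformCommandComputeHashTree only helps if Initialize's first parameter is itself 64-bit. If that parameter is declared `size_t`, the value narrows again at the call on ILP32 and the overflow described in the commit message remains, so the signature (not part of this diff) should be confirmed. The cast's target type is not visible on this page; per the commit message it is presumably a 64-bit unsigned type, applied to `source_ranges.blocks()` before the multiplication. The same cast-then-multiply recurs on the two `fprintf` lines of the second hunk, so a short comment such as `// Widen before multiplying: block count * BLOCKSIZE may not fit in size_t on ILP32.` would keep a later cleanup from dropping the cast. The function body starts and ends outside the hunk.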
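Review bot: The two rewritten `fprintf` calls after `pbiudone:` now depend on the `PRIu64` macro, yet the diffstat (5 insertions, 3 deletions, all within the two hunks) shows no include added by this commit. Confirm that blockimg.cpp includes `<inttypes.h>` directly rather than picking the macro up transitively. The conversion is only correct while the argument is exactly `uint64_t`; the cast's target type is not visible on this page, so the cast type and the specifier should be checked together. The enclosing function begins and continues outside the hunk.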