Fix potential size overflow in blockimg.cpp

Switch to 64 bit integers since the size of the entire src/tgt images may
not fit in size_t of ILP32.

There are other theoretical overflow cases in memory allocation and I/O
functions. However, they reside within a single transfer command and are
less likely to happen. I will evaluate and address them in separate
CLs.

Test: unit tests pass
Bug: 122461124
Change-Id: Ib719ee695920877458fcfaa25c6ac058a5bbabf2
xunchang 2019-01-17 09:26:12 -08:00
parent 27aa9404fc
commit 53158e51d0


@ -1525,7 +1525,7 @@ static int PerformCommandComputeHashTree(CommandParameters& params) {
// Starts the hash_tree computation. // Starts the hash_tree computation.
HashTreeBuilder builder(BLOCKSIZE, hash_function); HashTreeBuilder builder(BLOCKSIZE, hash_function);
if (!builder.Initialize(source_ranges.blocks() * BLOCKSIZE, salt)) { if (!builder.Initialize(static_cast<int64_t>(source_ranges.blocks()) * BLOCKSIZE, salt)) {
LOG(ERROR) << "Failed to initialize hash tree computation, source " << source_ranges.ToString() LOG(ERROR) << "Failed to initialize hash tree computation, source " << source_ranges.ToString()
<< ", salt " << salt_hex; << ", salt " << salt_hex;
return -1; return -1;
@ -1915,8 +1915,10 @@ pbiudone:
const char* partition = strrchr(blockdev_filename->data.c_str(), '/'); const char* partition = strrchr(blockdev_filename->data.c_str(), '/');
if (partition != nullptr && *(partition + 1) != 0) { if (partition != nullptr && *(partition + 1) != 0) {
fprintf(cmd_pipe, "log bytes_written_%s: %zu\n", partition + 1, params.written * BLOCKSIZE); fprintf(cmd_pipe, "log bytes_written_%s: %" PRIu64 "\n", partition + 1,
fprintf(cmd_pipe, "log bytes_stashed_%s: %zu\n", partition + 1, params.stashed * BLOCKSIZE); static_cast<uint64_t>(params.written) * BLOCKSIZE);
fprintf(cmd_pipe, "log bytes_stashed_%s: %" PRIu64 "\n", partition + 1,
static_cast<uint64_t>(params.stashed) * BLOCKSIZE);
fflush(cmd_pipe); fflush(cmd_pipe);
} }
// Delete stash only after successfully completing the update, as it may contain blocks needed // Delete stash only after successfully completing the update, as it may contain blocks needed
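Review bot: The widening is done by a separate cast at each call site, and the two hunks pick different types: `static_cast<int64_t>(source_ranges.blocks())` for `builder.Initialize`, but `static_cast<uint64_t>(params.written)` and `static_cast<uint64_t>(params.stashed)` for the `bytes_written`/`bytes_stashed` log lines. A single helper such as `static uint64_t BlocksToBytes(size_t blocks) { return static_cast<uint64_t>(blocks) * BLOCKSIZE; }` (assuming block counts are `size_t`, as the description implies) would route every block-count-to-byte conversion through one 64-bit path. The `* BLOCKSIZE` sites that the description defers could then adopt it without each choosing its own cast. The parameter type of `Initialize` is not visible here, so if it takes a signed size, the helper's result can be converted once at that call. `PRIu64` also requires `<inttypes.h>` (or `<cinttypes>`), and this page does not show whether the file already includes it.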