* changes:
[automerger skipped] DO NOT MERGE: Initialize the ZipArchive to zero before parsing skipped: f39f139103 skipped: cce521e439 skipped: 4a53559e98
[automerger skipped] DO NOT MERGE: Initialize the ZipArchive to zero before parsing skipped: f39f139103 skipped: cce521e439
[automerger skipped] DO NOT MERGE: Initialize the ZipArchive to zero before parsing skipped: f39f139103
DO NOT MERGE: Initialize the ZipArchive to zero before parsing
The fields of the ZipArchive on the stack are not initialized before we
call libminzip to parse the zip file. As a result, some random memory
location is freed unintentionally when we close the ZipArchive upon
parsing failures.
Bug: 35385357
Test: recompile and run the poc with asan.
Change-Id: I7e7f8ab4816c84a158af7389e1a889f8fc65f079
The fields of the ZipArchive on the stack are not initialized before we
call libminzip to parse the zip file. As a result, some random memory
location is freed unintentionally when we close the ZipArchive upon
parsing failures.
Bug: 35385357
Test: recompile and run the poc with asan.
Change-Id: I7e7f8ab4816c84a158af7389e1a889f8fc65f079
Bug: 78469201
Test: Wipe from recovery menu, check that wipe is logged correctly
and boot works as expected.
Merged-In: I5bc8ef1b83d78de8b5edba6cc17882edcc744356
Change-Id: I5bc8ef1b83d78de8b5edba6cc17882edcc744356
Bug: http://b/77320844
Android.mk doesn't have support for PGO either. This causes linker
error (about missing __llvm_profile symbols) in the PGO-instrumentation
enabled builds in the release branch.
Test: m ANDROID_PGO_INSTRUMENT=ALL
Change-Id: Ib5dfdea88073bd95da2cd02e92c85bfffcca80d6
The total sectors that we want to format is used in different meanings from
various users. This notifies its size based on 512 bytes explicitly.
Bug: 76407663
Change-Id: I20687b40a1733d3b459a45f8b64a338c37a7bc95
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
This enables to use uncrypt for f2fs update-on-reboot.
It requires kernel patch named:
"f2fs: add an ioctl to disable GC for specific file"
If any operation fails during uncrypt, please delete package file as soon as
possible, and create the file again to move forward. IOWs, don't leave the
package file for a long time.
Bug: 70309376
Bug: 30170612
Change-Id: I3b4233e7da756f107be35364521699deaf2e7139
Merged-In: I3b4233e7da756f107be35364521699deaf2e7139
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
The total sectors that we want to format is used in different meanings from
various users. This notifies its size based on 4096 bytes explicitly.
Bug: 76407663
Change-Id: I3392646648264ad1ca78e4b87240edc9385a0cc4
Merged-In: I3392646648264ad1ca78e4b87240edc9385a0cc4
Reported-by: katao@xiaomi.com
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
... as a workaround for build system does not currently infer non-LTO
usage from Android.mk.
Test: m
Bug: 77320844
Change-Id: I6e9954b895051cc20408a30d0761e164e4c5bfd9
We have added the support for building /product partition in build
system (the CL in [1]), where /product is an optional partition that
contains system files. This CL adds the matching support if /product
needs to be verified during A/B OTA (i.e. listed in care_map file).
[1]: commit b7735d81054002961b681f4bdf296d4de2701135,
https://android-review.googlesource.com/c/platform/build/+/598454
Bug: 63974895
Test: Run update_verifier test on walleye.
Change-Id: Ia1c35e9583b8e66c98a4495b1f81a5ea7e65036f
(cherry picked from commit ec2e8c6c1e)
/system/bin/applypatch on device is expected to work with bsdiff based
recovery-from-boot patch automatically. Adding a test to ensure that's
always the case.
Bug: 72731506
Test: Run recovery_component_test on marlin.
Change-Id: I56283cd3ce7cf0215cc3bb3619b206fa01d552c4
Merged-In: I56283cd3ce7cf0215cc3bb3619b206fa01d552c4
(cherry picked from commit d612b23dfd)
introduced as a depedency to libvintf.
Test: builds
Bug: 73556059
Change-Id: Ia51ba81ef462879481dcacb80d9ea9ea35e8b0bb
Merged-In: Ia51ba81ef462879481dcacb80d9ea9ea35e8b0bb
Otherwise the applypatch executable will fail to back up the source
file to /cache when patching the recovery image.
Bug: 74198354
Test: run applypatch from boot to recovery
(cherry picked from commit b4e3a370bf)
Change-Id: I37b7fd88d66ab49ef953d4b7dca22577bd1472e1
This class allows us to set the following locations dynamically:
cache_temp_source, last_command_file, stash_directory_base.
In the updater's main function, we reset the values of these variables
to their default locations in /cache; while we can set them to temp
files in unit tests or host simulation.
Test: unit tests pass
Change-Id: I528652650caa41373617ab055d41b1f1a4ec0f87
In BlockImageVerify some commands are undefined, e.g. "erase", "new",
"zero". And we should not error out if the corresponding function
pointer of these commands is null; otherwise we will fail the
verification.
The old code is:
if (cmd->f != nullptr && cmd->f(params) == -1)
return false;
In the last_command_file change the logic was wrongly modified to
if (cmd->f == nullptr)
return false;
...
if (cmd->f(params) == -1)
return false;
Test: sideload an incremental OTA twice on bullhead
Change-Id: I2561c365badb850da0e416629ccd61f0df7da5d7
In the split mode of imgdiff, we used to assume that the size of a split
target chunk is always greater than the blocksize i.e. 4096. This may
lead to the following assertion failure:
I0221 04:57:33.451323 818464 common.py:205 imgdiff F 02-21 04:57:33 821203 821203 imgdiff.cpp:999]
Check failed: tgt_size >= BLOCK_SIZE (tgt_size=476, BLOCK_SIZE=4096)
This CL removes the assumption and handles the edge cases.
Test: generate and verify the incremental update for TFs in the bug; unit test passes
Bug: 73757557
Bug: 73711365
Change-Id: Iadbb4ee658995f5856cd488f3793980881a59620
