Due to https://r.android.com/1310496, sparse_file_write() splits all
blocks larger than 64 MiB. However, the code that splits file-backed
blocks copies the pointer to the filename without duplicating the
underlying memory, causing a double free in backed_block_destroy()
later. Fix this by using strdup(). Also, as long as that is being
fixed, also check for failure.
Test: SANITIZE_HOST=address mmm external/e2fsprogs
mkdir mnt
mkfs.ext4 img 1G
sudo mount img mnt
sudo cp /dev/urandom mnt/file
sudo umount mnt
ext2simg img simg
Before this fix it gave:
==2216498==ERROR: AddressSanitizer: attempting double-free on 0x602000000090 in thread T0:
#0 0x55a52454c9a2 in free out/stage2/runtimes/runtimes-x86_64-unknown-linux-gnu-bins/out/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:52:3
#1 0x7ffa247c82ee in backed_block_destroy(backed_block*) system/core/libsparse/backed_block.cpp:106:5
#2 0x7ffa247c82ee in backed_block_list_destroy(backed_block_list*) system/core/libsparse/backed_block.cpp:124:7
#3 0x7ffa247cd055 in sparse_file_destroy system/core/libsparse/sparse.cpp:49:3
#4 0x55a524587b75 in main external/e2fsprogs/contrib/android/ext2simg.c:239:2
Change-Id: I4607ef5adcf6512645342beaf91aff6033414e54
Merging sparse chunk can make sparse map block bigger than 4GiB,
that can't be covered by unsigned integer type. Fix this by
changing unsigned int to uint64_t type.
Test: sparse build
Bug: 162808120
Change-Id: Id4d3f88f9d531c25c3937c99b2c81efb915605ee
Signed-off-by: Hyeongseok Kim <hyeongseok@gmail.com>
Cc: hyeongseok.kim <hyeongseok.kim@lge.com>
