On 5/13/21 11:54 AM, Sean Anderson wrote:
Hi Lukasz, Can this make it into 2020.07? Thanks,
ping? Should Tom pick this up instead? --Sean
--Sean On 4/16/21 5:58 PM, Sean Anderson wrote:If a chunk was larger than 4GiB, then chunk_data_sz would overflow and blkcnt would not be calculated correctly. Upgrade it to a u64 and cast its multiplicands as well. Also fix bytes_written while we're at it. Signed-off-by: Sean Anderson <sean.ander...@seco.com> --- lib/image-sparse.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/image-sparse.c b/lib/image-sparse.c index 187ac28cd3..52c8dcc08c 100644 --- a/lib/image-sparse.c +++ b/lib/image-sparse.c @@ -55,10 +55,10 @@ int write_sparse_image(struct sparse_storage *info, lbaint_t blk; lbaint_t blkcnt; lbaint_t blks; - uint32_t bytes_written = 0; + uint64_t bytes_written = 0; unsigned int chunk; unsigned int offset; - unsigned int chunk_data_sz; + uint64_t chunk_data_sz; uint32_t *fill_buf = NULL; uint32_t fill_val; sparse_header_t *sparse_header; @@ -132,7 +132,7 @@ int write_sparse_image(struct sparse_storage *info, sizeof(chunk_header_t)); } - chunk_data_sz = sparse_header->blk_sz * chunk_header->chunk_sz; + chunk_data_sz = ((u64)sparse_header->blk_sz) * chunk_header->chunk_sz; blkcnt = chunk_data_sz / info->blksz; switch (chunk_header->chunk_type) { case CHUNK_TYPE_RAW: @@ -162,7 +162,7 @@ int write_sparse_image(struct sparse_storage *info, return -1; } blk += blks; - bytes_written += blkcnt * info->blksz; + bytes_written += ((u64)blkcnt) * info->blksz; total_blocks += chunk_header->chunk_sz; data += chunk_data_sz; break; @@ -222,7 +222,7 @@ int write_sparse_image(struct sparse_storage *info, blk += blks; i += j; } - bytes_written += blkcnt * info->blksz; + bytes_written += ((u64)blkcnt) * info->blksz; total_blocks += chunk_data_sz / sparse_header->blk_sz; free(fill_buf); break; @@ -253,7 +253,7 @@ int write_sparse_image(struct sparse_storage *info, debug("Wrote %d blocks, expected to write %d blocks\n", total_blocks, sparse_header->total_blks); - printf("........ wrote %u bytes to '%s'\n", bytes_written, part_name); + printf("........ wrote %llu bytes to '%s'\n", bytes_written, part_name); if (total_blocks != sparse_header->total_blks) { info->mssg("sparse image write failure", response);
