Re: [PATCH] ubiformat: get buffer from malloc

2013-03-25 Thread Jan Weitzel
Am Montag, den 25.03.2013, 16:15 +0100 schrieb Jan Weitzel:
 There was an erase block sized (here 131072) char buf array on the stack.
 Changed this to get the space from malloc preventing stack overflows.
 Also fix a wrong return without clean up.
 
btw, the command worked fine with the stack overflow until CONFIG_MMU_EARLY
was turned on.

Jan
 Signed-off-by: Jan Weitzel j.weit...@phytec.de
 ---
  commands/ubiformat.c |   22 +++---
  1 files changed, 15 insertions(+), 7 deletions(-)
 
 diff --git a/commands/ubiformat.c b/commands/ubiformat.c
 index 47941be..121816f 100644
 --- a/commands/ubiformat.c
 +++ b/commands/ubiformat.c
 @@ -296,13 +296,20 @@ static int mark_bad(const struct mtd_dev_info *mtd, 
 struct ubi_scan_info *si, in
  static int flash_image(const struct mtd_dev_info *mtd,
  const struct ubigen_info *ui, struct ubi_scan_info *si)
  {
 - int fd, img_ebs, eb, written_ebs = 0, divisor;
 + int fd, img_ebs, eb, written_ebs = 0, divisor, ret = -1;
   off_t st_size;
 + char *buf = NULL;
  
   fd = open_file(st_size);
   if (fd  0)
   return fd;
  
 + buf = malloc(mtd-eb_size);
 + if (!buf) {
 + sys_errmsg(cannot allocate %d bytes of memory, mtd-eb_size);
 + goto out_close;
 + }
 +
   img_ebs = st_size / mtd-eb_size;
  
   if (img_ebs  si-good_cnt) {
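Review bot: `buf = malloc(mtd->eb_size)` is placed ahead of the image-size checks that follow it, so an image that is rejected still triggers an eraseblock-sized allocation; doing the malloc just before the `for` loop would keep it off the early error paths. eb_size is printed with `%d`, so it is presumably an `int`, and a zero or negative value would be converted to size_t on the way into malloc; whether the mtd layer rules that out is not visible here, and a guard such as `if (mtd->eb_size <= 0)` before the allocation would make the function independent of it. A comment on the declaration, e.g. `/* eraseblock-sized, too large for the stack */`, would record why this is not a local array. flash_image continues outside the hunk.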
 @@ -312,8 +319,9 @@ static int flash_image(const struct mtd_dev_info *mtd,
   }
  
   if (st_size % mtd-eb_size) {
 - return sys_errmsg(file \%s\ (size %lld bytes) is not 
 multiple of eraseblock size (%d bytes),
 -   args.image, (long long)st_size, mtd-eb_size);
 + sys_errmsg(file \%s\ (size %lld bytes) is not multiple of 
 +eraseblock size (%d bytes),
 +args.image, (long long)st_size, mtd-eb_size);
   goto out_close;
   }
  
 @@ -321,7 +329,6 @@ static int flash_image(const struct mtd_dev_info *mtd,
   divisor = img_ebs;
   for (eb = 0; eb  mtd-eb_cnt; eb++) {
   int err, new_len;
 - char buf[mtd-eb_size];
   long long ec;
  
   if (!args.quiet  !args.verbose) {
 @@ -404,12 +411,13 @@ static int flash_image(const struct mtd_dev_info *mtd,
  
   if (!args.quiet  !args.verbose)
   printf(\n);
 - close(fd);
 - return eb + 1;
 +
 + ret = eb + 1;
  
  out_close:
 + free(buf);
   close(fd);
 - return -1;
 + return ret;
  }
  
  static int format(const struct mtd_dev_info *mtd,
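Review bot: The label `out_close` now names only half of what the exit path does, since the added `free(buf)` runs there as well; renaming it to `out` (or `out_free`) would keep the goto targets self-describing. The success value is now set by `ret = eb + 1;`, and every earlier `goto out_close` depends on the `ret = -1` initialiser at the top of the function, so a one-line comment at the label, e.g. `/* ret stays -1 unless the loop completed */`, would make that contract visible. The loop body and the other goto sites are outside this hunk.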





Re: [PATCH] ubiformat: get buffer from malloc

2013-03-25 Thread Alexander Aring
Hi,

On Mon, Mar 25, 2013 at 04:15:57PM +0100, Jan Weitzel wrote:
 There was a erase block sized (here 131072) char buf array on the stack.
 Changed this to get the space from malloc preventing stack overflows.
 Also fix a wrong return without clean up.
 
 Signed-off-by: Jan Weitzel j.weit...@phytec.de
 ---
  commands/ubiformat.c |   22 +++---
  1 files changed, 15 insertions(+), 7 deletions(-)
 
 diff --git a/commands/ubiformat.c b/commands/ubiformat.c
 index 47941be..121816f 100644
 --- a/commands/ubiformat.c
 +++ b/commands/ubiformat.c
 @@ -296,13 +296,20 @@ static int mark_bad(const struct mtd_dev_info *mtd, 
 struct ubi_scan_info *si, in
  static int flash_image(const struct mtd_dev_info *mtd,
  const struct ubigen_info *ui, struct ubi_scan_info *si)
  {
 - int fd, img_ebs, eb, written_ebs = 0, divisor;
 + int fd, img_ebs, eb, written_ebs = 0, divisor, ret = -1;
   off_t st_size;
 + char *buf = NULL;
  
   fd = open_file(st_size);
   if (fd  0)
   return fd;
  
 + buf = malloc(mtd-eb_size);
 + if (!buf) {
 + sys_errmsg(cannot allocate %d bytes of memory, mtd-eb_size);
 + goto out_close;

meep, out_close will call free(buf). You need to add a new label above
free(buf);

 + }
 +
   img_ebs = st_size / mtd-eb_size;
  
   if (img_ebs  si-good_cnt) {
 @@ -312,8 +319,9 @@ static int flash_image(const struct mtd_dev_info *mtd,
   }
  
   if (st_size % mtd-eb_size) {
 - return sys_errmsg(file \%s\ (size %lld bytes) is not 
 multiple of eraseblock size (%d bytes),
 -   args.image, (long long)st_size, mtd-eb_size);
 + sys_errmsg(file \%s\ (size %lld bytes) is not multiple of 
 +eraseblock size (%d bytes),
 +args.image, (long long)st_size, mtd-eb_size);
   goto out_close;
   }
  
 @@ -321,7 +329,6 @@ static int flash_image(const struct mtd_dev_info *mtd,
   divisor = img_ebs;
   for (eb = 0; eb  mtd-eb_cnt; eb++) {
   int err, new_len;
 - char buf[mtd-eb_size];
   long long ec;
  
   if (!args.quiet  !args.verbose) {
 @@ -404,12 +411,13 @@ static int flash_image(const struct mtd_dev_info *mtd,
  
   if (!args.quiet  !args.verbose)
   printf(\n);
 - close(fd);
 - return eb + 1;
 +
 + ret = eb + 1;
  
  out_close:
 + free(buf);
here!
   close(fd);
 - return -1;
 + return ret;
  }
  
  static int format(const struct mtd_dev_info *mtd,
 -- 
 1.7.0.4
 
 

Alex



Re: [PATCH] ubiformat: get buffer from malloc

2013-03-25 Thread Alexander Aring
On Mon, Mar 25, 2013 at 04:32:15PM +0100, Alexander Aring wrote:
 Hi,
 
 On Mon, Mar 25, 2013 at 04:15:57PM +0100, Jan Weitzel wrote:
  There was a erase block sized (here 131072) char buf array on the stack.
  Changed this to get the space from malloc preventing stack overflows.
  Also fix a wrong return without clean up.
  
  Signed-off-by: Jan Weitzel j.weit...@phytec.de
  ---
   commands/ubiformat.c |   22 +++---
   1 files changed, 15 insertions(+), 7 deletions(-)
  
  diff --git a/commands/ubiformat.c b/commands/ubiformat.c
  index 47941be..121816f 100644
  --- a/commands/ubiformat.c
  +++ b/commands/ubiformat.c
  @@ -296,13 +296,20 @@ static int mark_bad(const struct mtd_dev_info *mtd, 
  struct ubi_scan_info *si, in
   static int flash_image(const struct mtd_dev_info *mtd,
 const struct ubigen_info *ui, struct ubi_scan_info *si)
   {
  -   int fd, img_ebs, eb, written_ebs = 0, divisor;
  +   int fd, img_ebs, eb, written_ebs = 0, divisor, ret = -1;
  off_t st_size;
  +   char *buf = NULL;
   
  fd = open_file(st_size);
  if (fd  0)
  return fd;
   
  +   buf = malloc(mtd-eb_size);
  +   if (!buf) {
  +   sys_errmsg(cannot allocate %d bytes of memory, mtd-eb_size);
  +   goto out_close;
 
 meep, out_close will call free(buf). You need to add a new label above
 free(buf);
 

Ah, free() is NULL-safe, sorry.

Alex
