Merge "Fix minui cleanup path on error." am: fa9af7dae6 am: af38cd9330
am: 149b9eb2d8
* commit '149b9eb2d82ae49e110c3fd95ab99dd726e0f9e8':
Fix minui cleanup path on error.
diff --git a/minzip/SysUtil.c b/minzip/SysUtil.c
index 09ec876..491951c 100644
--- a/minzip/SysUtil.c
+++ b/minzip/SysUtil.c
@@ -8,6 +8,7 @@
#include <fcntl.h>
#include <limits.h>
#include <stdbool.h>
+#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -39,6 +40,11 @@
pMap->length = sb.st_size;
pMap->range_count = 1;
pMap->ranges = malloc(sizeof(MappedRange));
+ if (pMap->ranges == NULL) {
+ LOGE("malloc failed: %s\n", strerror(errno));
+ munmap(memPtr, sb.st_size);
+ return false;
+ }
pMap->ranges[0].addr = memPtr;
pMap->ranges[0].length = sb.st_size;
@@ -50,7 +56,7 @@
char block_dev[PATH_MAX+1];
size_t size;
unsigned int blksize;
- unsigned int blocks;
+ size_t blocks;
unsigned int range_count;
unsigned int i;
@@ -69,18 +75,28 @@
LOGE("failed to parse block map header\n");
return -1;
}
-
- blocks = ((size-1) / blksize) + 1;
+ if (blksize != 0) {
+ blocks = ((size-1) / blksize) + 1;
+ }
+ if (size == 0 || blksize == 0 || blocks > SIZE_MAX / blksize) {
+ LOGE("invalid data in block map file: size %zu, blksize %u, range_count %u\n",
+ size, blksize, range_count);
+ return -1;
+ }
pMap->range_count = range_count;
- pMap->ranges = malloc(range_count * sizeof(MappedRange));
- memset(pMap->ranges, 0, range_count * sizeof(MappedRange));
+ pMap->ranges = calloc(range_count, sizeof(MappedRange));
+ if (pMap->ranges == NULL) {
+ LOGE("calloc(%u, %zu) failed: %s\n", range_count, sizeof(MappedRange), strerror(errno));
+ return -1;
+ }
// Reserve enough contiguous address space for the whole file.
unsigned char* reserve;
reserve = mmap64(NULL, blocks * blksize, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
if (reserve == MAP_FAILED) {
LOGE("failed to reserve address space: %s\n", strerror(errno));
+ free(pMap->ranges);
return -1;
}
@@ -90,6 +106,8 @@
int fd = open(block_dev, O_RDONLY);
if (fd < 0) {
LOGE("failed to open block device %s: %s\n", block_dev, strerror(errno));
+ munmap(reserve, blocks * blksize);
+ free(pMap->ranges);
return -1;
}
@@ -98,12 +116,16 @@
int start, end;
if (fscanf(mapf, "%d %d\n", &start, &end) != 2) {
LOGE("failed to parse range %d in block map\n", i);
+ munmap(reserve, blocks * blksize);
+ free(pMap->ranges);
return -1;
}
void* addr = mmap64(next, (end-start)*blksize, PROT_READ, MAP_PRIVATE | MAP_FIXED, fd, ((off64_t)start)*blksize);
if (addr == MAP_FAILED) {
LOGE("failed to map block %d: %s\n", i, strerror(errno));
+ munmap(reserve, blocks * blksize);
+ free(pMap->ranges);
return -1;
}
pMap->ranges[i].addr = addr;
diff --git a/updater/updater.cpp b/updater/updater.cpp
index 0f22e6d..80e7503 100644
--- a/updater/updater.cpp
+++ b/updater/updater.cpp
@@ -19,6 +19,8 @@
#include <stdlib.h>
#include <string.h>
+#include <string>
+
#include "edify/expr.h"
#include "updater.h"
#include "install.h"
@@ -89,12 +91,11 @@
return 4;
}
- char* script = reinterpret_cast<char*>(malloc(script_entry->uncompLen+1));
- if (!mzReadZipEntry(&za, script_entry, script, script_entry->uncompLen)) {
+ std::string script(script_entry->uncompLen, '\0');
+ if (!mzReadZipEntry(&za, script_entry, &script[0], script_entry->uncompLen)) {
printf("failed to read script from package\n");
return 5;
}
- script[script_entry->uncompLen] = '\0';
// Configure edify's functions.
@@ -108,7 +109,7 @@
Expr* root;
int error_count = 0;
- int error = parse_string(script, &root, &error_count);
+ int error = parse_string(script.c_str(), &root, &error_count);
if (error != 0 || error_count > 0) {
printf("%d parse errors\n", error_count);
return 6;
@@ -135,7 +136,7 @@
State state;
state.cookie = &updater_info;
- state.script = script;
+ state.script = &script[0];
state.errmsg = NULL;
char* result = Evaluate(&state, root);
@@ -163,7 +164,5 @@
mzCloseZipArchive(updater_info.package_zip);
}
sysReleaseMap(&map);
- free(script);
-
return 0;
}