Check an edge case when read(2) returns 0
We might end up in an infinite loop if read(2) reached EOF unexpectedly.
The problematic code in uncrypt mentioned in the bug has been fixed
by switching to libbase ReadFully(). So I grepped through the recovery
code and fixed some other occurences of the issue.
Bug: 31073201
Change-Id: Ib867029158ba23363b8f85d61c25058a635c5a6b
diff --git a/applypatch/applypatch.cpp b/applypatch/applypatch.cpp
index 02a3c6e..e52ef99 100644
--- a/applypatch/applypatch.cpp
+++ b/applypatch/applypatch.cpp
@@ -336,6 +336,9 @@
printf("verify read error %s at %zu: %s\n",
partition, p, strerror(errno));
return -1;
+ } else if (read_count == 0) {
+ printf("verify read reached unexpected EOF, %s at %zu\n", partition, p);
+ return -1;
}
if (static_cast<size_t>(read_count) < to_read) {
printf("short verify read %s at %zu: %zd %zu %s\n",
diff --git a/fuse_sdcard_provider.cpp b/fuse_sdcard_provider.cpp
index df96312..b0ecf96 100644
--- a/fuse_sdcard_provider.cpp
+++ b/fuse_sdcard_provider.cpp
@@ -23,6 +23,8 @@
#include <unistd.h>
#include <fcntl.h>
+#include <android-base/file.h>
+
#include "fuse_sideload.h"
struct file_data {
@@ -41,14 +43,9 @@
return -EIO;
}
- while (fetch_size > 0) {
- ssize_t r = TEMP_FAILURE_RETRY(read(fd->fd, buffer, fetch_size));
- if (r == -1) {
- fprintf(stderr, "read on sdcard failed: %s\n", strerror(errno));
- return -EIO;
- }
- fetch_size -= r;
- buffer += r;
+ if (!android::base::ReadFully(fd->fd, buffer, fetch_size)) {
+ fprintf(stderr, "read on sdcard failed: %s\n", strerror(errno));
+ return -EIO;
}
return 0;
diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp
index f00bc4b..0caa1ac 100644
--- a/updater/blockimg.cpp
+++ b/updater/blockimg.cpp
@@ -151,6 +151,10 @@
failure_type = kFreadFailure;
fprintf(stderr, "read failed: %s\n", strerror(errno));
return -1;
+ } else if (r == 0) {
+ failure_type = kFreadFailure;
+ fprintf(stderr, "read reached unexpected EOF.\n");
+ return -1;
}
so_far += r;
}