[MTD-UTILS] BUG: ubiformat fails on big partitions (>4Gio)
Richard Genoud
richard.genoud at gmail.com
Wed Sep 12 10:37:19 EDT 2012
The offset (which is 64bits when mtd-utils are not compile with
WITHOUT_LARGEFILE) is calculated like that:
offset = nb * size;
But nb and size are int, so on 32bits platforms, there's a possible
overflow.
So, it should be replace with:
offset = (off_t)nb * size;
If WITHOUT_LARGEFILE is defined, there still be an overflow, but it's
what we want, right ?
Cheney Chen tested an ubiformat on a NAND (5.9 GiB mtd part).
Reported-by: Cheney Chen <cheneychencl2012 at gmail.com>
Tested-by: Cheney Chen <cheneychencl2012 at gmail.com>
Signed-off-by: Richard Genoud <richard.genoud at gmail.com>
---
ubi-utils/libubigen.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/ubi-utils/libubigen.c b/ubi-utils/libubigen.c
index 9eaa7f5..d2a949b 100644
--- a/ubi-utils/libubigen.c
+++ b/ubi-utils/libubigen.c
@@ -279,7 +279,7 @@ int ubigen_write_layout_vol(const struct ubigen_info *ui, int peb1, int peb2,
memset(outbuf + ui->data_offs + ui->vtbl_size, 0xFF,
ui->peb_size - ui->data_offs - ui->vtbl_size);
- seek = peb1 * ui->peb_size;
+ seek = (off_t) peb1 * ui->peb_size;
if (lseek(fd, seek, SEEK_SET) != seek) {
sys_errmsg("cannot seek output file");
goto out_free;
@@ -293,7 +293,7 @@ int ubigen_write_layout_vol(const struct ubigen_info *ui, int peb1, int peb2,
goto out_free;
}
- seek = peb2 * ui->peb_size;
+ seek = (off_t) peb2 * ui->peb_size;
if (lseek(fd, seek, SEEK_SET) != seek) {
sys_errmsg("cannot seek output file");
goto out_free;
--
1.7.2.5
More information about the linux-mtd
mailing list