diff options
| author | Tom Cherry <tomcherry@google.com> | 2020-06-16 17:48:44 +0000 |
|---|---|---|
| committer | Randall Huang <huangrandall@google.com> | 2020-06-16 23:32:39 +0000 |
| commit | e28dc48de52af3e216fb3a85df382f3643b39496 (patch) | |
| tree | 20c5c1376f4b5a1793a729bc23828e74f8387c7d /libutils/ProcessCallStack_fuzz.cpp | |
| parent | 755eb6b6069efb3edbbaa335899d34369ddea83a (diff) | |
fsmgr: fix integer overflow in fs_mgr
As the EXT4_MAX_BLOCK_SIZE defined as 65536 which reached maxium value
of unsigned int. The superblock value maybe larger than 65536. This is
found by the Integer Overflow Sanitizer.
This patch fixed below boot error when userdata is corrupted:
init: processing action (fs) from
(/vendor/etc/init/hw/init.freescale.rc:221)
init: [libfs_mgr]Invalid ext4 superblock on '/dev/block/by-name/userdata'
init: InitFatalReboot: signal 6 init: #00 pc 00000000000af7e8 /system/bin/init
(android::init::InitFatalReboot(int)+208) init: #01 pc 00000000000afbd0 /system/bin/init
(android::init::InstallRebootSignalHandlers()::$_22::__invoke(int)+32)
init: #02 pc 00000000000006bc [vdso:0000ffff9691b000] (__kernel_rt_sigreturn)
init: #03 pc 000000000004e070 /system/lib64/bootstrap/libc.so (abort+176)
init: #04 pc 000000000003427c /system/lib64/libfs_mgr.so
(read_ext4_superblock(std::__1::basic_string<char, std::__1::char_
traits<char>, std::__1::allocator<char> > const&,
android::fs_mgr::FstabEntry const&, ext4_super_block*, int*)+1804)
Test: boot with corrupted ext4 superblock
Bug: 156200421
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
Change-Id: Ib1b69bf4623f69696cb637b226ec3359fc2ed409
(cherry picked from commit cb472b92e54ba1647c02397565958322f0d74929)
Diffstat (limited to 'libutils/ProcessCallStack_fuzz.cpp')
0 files changed, 0 insertions, 0 deletions