From e8d02c50d76e278f91455bd90e1db2ae79eac035 Mon Sep 17 00:00:00 2001
From: Hyeongseok Kim <hyeongseok@gmail.com>
Date: Mon, 10 Aug 2020 12:11:57 +0900
Subject: libsparse: Fix overflow of merged sparse chunk length

Merging sparse chunk can make sparse map block bigger than 4GiB,
that can't be covered by unsigned integer type. Fix this by
changing unsigned int to uint64_t type.

Test: sparse build
Bug: 162808120
Change-Id: Id4d3f88f9d531c25c3937c99b2c81efb915605ee
Signed-off-by: Hyeongseok Kim <hyeongseok@gmail.com>
Cc: hyeongseok.kim <hyeongseok.kim@lge.com>
---
 libsparse/backed_block.cpp | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'libsparse/backed_block.cpp')

diff --git a/libsparse/backed_block.cpp b/libsparse/backed_block.cpp
index f3d8022ac..6229e7c6e 100644
--- a/libsparse/backed_block.cpp
+++ b/libsparse/backed_block.cpp
@@ -25,7 +25,7 @@
 
 struct backed_block {
   unsigned int block;
-  unsigned int len;
+  uint64_t len;
   enum backed_block_type type;
   union {
     struct {
@@ -60,7 +60,7 @@ struct backed_block* backed_block_iter_next(struct backed_block* bb) {
   return bb->next;
 }
 
-unsigned int backed_block_len(struct backed_block* bb) {
+uint64_t backed_block_len(struct backed_block* bb) {
   return bb->len;
 }
 
@@ -270,7 +270,7 @@ static int queue_bb(struct backed_block_list* bbl, struct backed_block* new_bb)
 }
 
 /* Queues a fill block of memory to be written to the specified data blocks */
-int backed_block_add_fill(struct backed_block_list* bbl, unsigned int fill_val, unsigned int len,
+int backed_block_add_fill(struct backed_block_list* bbl, unsigned int fill_val, uint64_t len,
                           unsigned int block) {
   struct backed_block* bb = reinterpret_cast<backed_block*>(calloc(1, sizeof(struct backed_block)));
   if (bb == nullptr) {
@@ -287,7 +287,7 @@ int backed_block_add_fill(struct backed_block_list* bbl, unsigned int fill_val,
 }
 
 /* Queues a block of memory to be written to the specified data blocks */
-int backed_block_add_data(struct backed_block_list* bbl, void* data, unsigned int len,
+int backed_block_add_data(struct backed_block_list* bbl, void* data, uint64_t len,
                           unsigned int block) {
   struct backed_block* bb = reinterpret_cast<backed_block*>(calloc(1, sizeof(struct backed_block)));
   if (bb == nullptr) {
@@ -305,7 +305,7 @@ int backed_block_add_data(struct backed_block_list* bbl, void* data, unsigned in
 
 /* Queues a chunk of a file on disk to be written to the specified data blocks */
 int backed_block_add_file(struct backed_block_list* bbl, const char* filename, int64_t offset,
-                          unsigned int len, unsigned int block) {
+                          uint64_t len, unsigned int block) {
   struct backed_block* bb = reinterpret_cast<backed_block*>(calloc(1, sizeof(struct backed_block)));
   if (bb == nullptr) {
     return -ENOMEM;
@@ -322,7 +322,7 @@ int backed_block_add_file(struct backed_block_list* bbl, const char* filename, i
 }
 
 /* Queues a chunk of a fd to be written to the specified data blocks */
-int backed_block_add_fd(struct backed_block_list* bbl, int fd, int64_t offset, unsigned int len,
+int backed_block_add_fd(struct backed_block_list* bbl, int fd, int64_t offset, uint64_t len,
                         unsigned int block) {
   struct backed_block* bb = reinterpret_cast<backed_block*>(calloc(1, sizeof(struct backed_block)));
   if (bb == nullptr) {
-- 
cgit v1.2.3