Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 076ca9e7 authored by Keith Mok's avatar Keith Mok Committed by Michael Bestas
Browse files

fs_mgr: BLKGETSIZE causes memory corruption

BLKGETSIZE return unsigned long sector size,
but unsigned long is of 8 bytes in 64 bits system.
Passing an integar value will causes stack corruption.
Use BLKGETSIZE64 instead.

Change-Id: If2bf44673f5ab3436f79f0af3252990d56748f5c
parent 730d3534
Loading
Loading
Loading
Loading
+3 −3
Original line number Diff line number Diff line
@@ -33,7 +33,7 @@ extern void reset_ext4fs_info();

static int format_ext4(char *fs_blkdev, char *fs_mnt_point, long long fs_length)
{
    unsigned int nr_sec;
    uint64_t dev_sz;
    int fd, rc = 0;

    if ((fd = open(fs_blkdev, O_WRONLY, 0644)) < 0) {
@@ -41,7 +41,7 @@ static int format_ext4(char *fs_blkdev, char *fs_mnt_point, long long fs_length)
        return -1;
    }

    if ((ioctl(fd, BLKGETSIZE, &nr_sec)) == -1) {
    if ((ioctl(fd, BLKGETSIZE64, &dev_sz)) == -1) {
        ERROR("Cannot get block device size.  %s\n", strerror(errno));
        close(fd);
        return -1;
@@ -49,7 +49,7 @@ static int format_ext4(char *fs_blkdev, char *fs_mnt_point, long long fs_length)

    /* Format the partition using the calculated length */
    reset_ext4fs_info();
    info.len = ((off64_t)nr_sec * 512);
    info.len = (off64_t)dev_sz;

    if (fs_length > 0) {
        info.len = fs_length;