Merge up to android-8.1.0_r1 and fix conflicts

Change-Id: I2dc060134d15ec9f015a606cb24ef8276f6af1fc

Android.bp

+subdirs = [
+//    "bootloader_message",
+//    "otautil",
+]

Android.mk

@@ -590,7 +590,7 @@ endif
 include $(CLEAR_VARS)
 LOCAL_SRC_FILES := fuse_sideload.cpp
 LOCAL_CLANG := true
-LOCAL_CFLAGS := -O2 -g -DADB_HOST=0 -Wall -Wno-unused-parameter
+LOCAL_CFLAGS := -Wall -Werror
 LOCAL_CFLAGS += -D_XOPEN_SOURCE -D_GNU_SOURCE
 
 LOCAL_MODULE_TAGS := optional
@@ -605,13 +605,35 @@ else
 endif
 include $(BUILD_SHARED_LIBRARY)
 
+# static libfusesideload
+# =============================== (required to fix build errors in 8.1 due to use by tests)
+include $(CLEAR_VARS)
+LOCAL_SRC_FILES := fuse_sideload.cpp
+LOCAL_CLANG := true
+LOCAL_CFLAGS := -Wall -Werror
+LOCAL_CFLAGS += -D_XOPEN_SOURCE -D_GNU_SOURCE
+
+LOCAL_MODULE_TAGS := optional
+LOCAL_MODULE := libfusesideload
+LOCAL_SHARED_LIBRARIES := libcutils libc
+ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 24; echo $$?),0)
+    LOCAL_C_INCLUDES := $(LOCAL_PATH)/libmincrypt/includes
+    LOCAL_STATIC_LIBRARIES += libmincrypttwrp
+    LOCAL_CFLAGS += -DUSE_MINCRYPT
+else
+    LOCAL_STATIC_LIBRARIES += libcrypto_static
+endif
+include $(BUILD_STATIC_LIBRARY)
+
 # libmounts (static library)
 # ===============================
 include $(CLEAR_VARS)
 LOCAL_SRC_FILES := mounts.cpp
-LOCAL_CLANG := true
-LOCAL_CFLAGS := -Wall -Wno-unused-parameter -Werror
+LOCAL_CFLAGS := \
+    -Wall \
+    -Werror
 LOCAL_MODULE := libmounts
+LOCAL_STATIC_LIBRARIES := libbase
 include $(BUILD_STATIC_LIBRARY)
 
 # librecovery (static library)
@@ -619,7 +641,7 @@ include $(BUILD_STATIC_LIBRARY)
 include $(CLEAR_VARS)
 LOCAL_SRC_FILES := \
     install.cpp
-LOCAL_CFLAGS := -Wno-unused-parameter -Werror
+LOCAL_CFLAGS := -Wall -Werror
 LOCAL_CFLAGS += -DRECOVERY_API_VERSION=$(RECOVERY_API_VERSION)
 
 ifeq ($(AB_OTA_UPDATER),true)
@@ -632,7 +654,8 @@ LOCAL_STATIC_LIBRARIES := \
     libvintf_recovery \
     libcrypto_utils \
     libcrypto \
-    libbase
+    libbase \
+    libziparchive \
 
 include $(BUILD_STATIC_LIBRARY)
 
@@ -661,6 +684,7 @@ else
     LOCAL_SHARED_LIBRARIES += libcrypto libbase
     LOCAL_SRC_FILES += verifier.cpp asn1_decoder.cpp
 endif
+
 ifeq ($(AB_OTA_UPDATER),true)
     LOCAL_CFLAGS += -DAB_OTA_UPDATER=1
 endif
@@ -679,7 +703,6 @@ include $(BUILD_SHARED_LIBRARY)
 include $(CLEAR_VARS)
 LOCAL_CLANG := true
 LOCAL_MODULE := libverifier
-LOCAL_MODULE_TAGS := tests
 LOCAL_SRC_FILES := \
     asn1_decoder.cpp \
     verifier.cpp \
@@ -687,16 +710,40 @@ LOCAL_SRC_FILES := \
 LOCAL_STATIC_LIBRARIES := libcrypto_static
 include $(BUILD_STATIC_LIBRARY)
 
+# Wear default device
+# ===============================
+include $(CLEAR_VARS)
+LOCAL_SRC_FILES := wear_device.cpp
+
+# Should match TARGET_RECOVERY_UI_LIB in BoardConfig.mk.
+LOCAL_MODULE := librecovery_ui_wear
+
+include $(BUILD_STATIC_LIBRARY)
+
+# vr headset default device
+# ===============================
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := vr_device.cpp
+
+# should match TARGET_RECOVERY_UI_LIB set in BoardConfig.mk
+LOCAL_MODULE := librecovery_ui_vr
+
+include $(BUILD_STATIC_LIBRARY)
+
 commands_recovery_local_path := $(LOCAL_PATH)
-include $(LOCAL_PATH)/tests/Android.mk \
-    $(LOCAL_PATH)/tools/Android.mk \
+
+include \
+    $(LOCAL_PATH)/applypatch/Android.mk \
+    $(LOCAL_PATH)/boot_control/Android.mk \
     $(LOCAL_PATH)/edify/Android.mk \
     $(LOCAL_PATH)/otafault/Android.mk \
-    $(LOCAL_PATH)/bootloader_message/Android.mk \
-    $(LOCAL_PATH)/bootloader_message_twrp/Android.mk \
+    $(LOCAL_PATH)/tests/Android.mk \
+    $(LOCAL_PATH)/tools/Android.mk \
     $(LOCAL_PATH)/updater/Android.mk \
     $(LOCAL_PATH)/update_verifier/Android.mk \
-    $(LOCAL_PATH)/applypatch/Android.mk
+    $(LOCAL_PATH)/bootloader_message/Android.mk \
+    $(LOCAL_PATH)/bootloader_message_twrp/Android.mk
 
 ifeq ($(wildcard system/core/uncrypt/Android.mk),)
     include $(commands_recovery_local_path)/uncrypt/Android.mk

OWNERS

+enh+aosp-gerrit@google.com
+tbao@google.com
+xunchang@google.com

adb_install.h

@@ -17,6 +17,8 @@
 #ifndef _ADB_INSTALL_H
 #define _ADB_INSTALL_H
 
+#include <sys/types.h>
+
 //class RecoveryUI;
 
 static void set_usb_driver(bool enabled);

applypatch/applypatch.cpp

@@ -27,6 +27,7 @@
 #include <sys/types.h>
 #include <unistd.h>
 
+#include <functional>
 #include <memory>
 #include <string>
 #include <utility>
@@ -45,7 +46,7 @@
 #include "print_sha1.h"
 
 static int LoadPartitionContents(const std::string& filename, FileContents* file);
-static ssize_t FileSink(const unsigned char* data, ssize_t len, void* token);
+static size_t FileSink(const unsigned char* data, size_t len, int fd);
 static int GenerateTarget(const FileContents& source_file, const std::unique_ptr<Value>& patch,
                           const std::string& target_filename,
                           const uint8_t target_sha1[SHA_DIGEST_LENGTH], const Value* bonus_data);
@@ -224,8 +225,8 @@ int SaveFileContents(const char* filename, const FileContents* file) {
     return -1;
   }
 
-  ssize_t bytes_written = FileSink(file->data.data(), file->data.size(), &fd);
-  if (bytes_written != static_cast<ssize_t>(file->data.size())) {
+  size_t bytes_written = FileSink(file->data.data(), file->data.size(), fd);
+  if (bytes_written != file->data.size()) {
     printf("short write of \"%s\" (%zd bytes of %zu): %s\n", filename, bytes_written,
            file->data.size(), strerror(errno));
     return -1;
@@ -531,25 +532,17 @@ int ShowLicenses() {
     return 0;
 }
 
-ssize_t FileSink(const unsigned char* data, ssize_t len, void* token) {
-    int fd = *static_cast<int*>(token);
-    ssize_t done = 0;
-    ssize_t wrote;
-    while (done < len) {
-        wrote = TEMP_FAILURE_RETRY(ota_write(fd, data+done, len-done));
-        if (wrote == -1) {
-            printf("error writing %zd bytes: %s\n", (len-done), strerror(errno));
-            return done;
-        }
-        done += wrote;
+static size_t FileSink(const unsigned char* data, size_t len, int fd) {
+  size_t done = 0;
+  while (done < len) {
+    ssize_t wrote = TEMP_FAILURE_RETRY(ota_write(fd, data + done, len - done));
+    if (wrote == -1) {
+      printf("error writing %zd bytes: %s\n", (len - done), strerror(errno));
+      return done;
     }
-    return done;
-}
-
-ssize_t MemorySink(const unsigned char* data, ssize_t len, void* token) {
-    std::string* s = static_cast<std::string*>(token);
-    s->append(reinterpret_cast<const char*>(data), len);
-    return len;
+    done += wrote;
+  }
+  return done;
 }
 
 // Return the amount of free space (in bytes) on the filesystem
@@ -745,9 +738,11 @@ static int GenerateTarget(const FileContents& source_file, const std::unique_ptr
   }
 
   // We store the decoded output in memory.
-  SinkFn sink = MemorySink;
   std::string memory_sink_str;  // Don't need to reserve space.
-  void* token = &memory_sink_str;
+  SinkFn sink = [&memory_sink_str](const unsigned char* data, size_t len) {
+    memory_sink_str.append(reinterpret_cast<const char*>(data), len);
+    return len;
+  };
 
   SHA_CTX ctx;
   SHA1_Init(&ctx);
@@ -755,10 +750,10 @@ static int GenerateTarget(const FileContents& source_file, const std::unique_ptr
   int result;
   if (use_bsdiff) {
     result = ApplyBSDiffPatch(source_file.data.data(), source_file.data.size(), patch.get(), 0,
-                              sink, token, &ctx);
+                              sink, &ctx);
   } else {
     result = ApplyImagePatch(source_file.data.data(), source_file.data.size(), patch.get(), sink,
-                             token, &ctx, bonus_data);
+                             &ctx, bonus_data);
   }
 
   if (result != 0) {

applypatch/applypatch_modes.cpp

@@ -44,19 +44,6 @@ static int CheckMode(int argc, const char** argv) {
     return applypatch_check(argv[2], sha1);
 }
 
-static int SpaceMode(int argc, const char** argv) {
-    if (argc != 3) {
-        return 2;
-    }
-
-    size_t bytes;
-    if (!android::base::ParseUint(argv[2], &bytes) || bytes == 0) {
-        printf("can't parse \"%s\" as byte count\n\n", argv[2]);
-        return 1;
-    }
-    return CacheSizeCheck(bytes);
-}
-
 // Parse arguments (which should be of the form "<sha1>:<filename>" into the
 // new parallel arrays *sha1s and *files. Returns true on success.
 static bool ParsePatchArgs(int argc, const char** argv, std::vector<std::string>* sha1s,
@@ -175,13 +162,12 @@ int applypatch_modes(int argc, const char** argv) {
             "usage: %s [-b <bonus-file>] <src-file> <tgt-file> <tgt-sha1> <tgt-size> "
             "[<src-sha1>:<patch> ...]\n"
             "   or  %s -c <file> [<sha1> ...]\n"
-            "   or  %s -s <bytes>\n"
             "   or  %s -l\n"
             "\n"
             "Filenames may be of the form\n"
             "  EMMC:<partition>:<len_1>:<sha1_1>:<len_2>:<sha1_2>:...\n"
             "to specify reading from or writing to an EMMC partition.\n\n",
-            argv[0], argv[0], argv[0], argv[0]);
+            argv[0], argv[0], argv[0]);
         return 2;
     }
 
@@ -191,8 +177,6 @@ int applypatch_modes(int argc, const char** argv) {
         result = ShowLicenses();
     } else if (strncmp(argv[1], "-c", 3) == 0) {
         result = CheckMode(argc, argv);
-    } else if (strncmp(argv[1], "-s", 3) == 0) {
-        result = SpaceMode(argc, argv);
     } else {
         result = PatchMode(argc, argv);
     }

applypatch/bspatch.cpp

@@ -23,10 +23,14 @@
 #include <stdio.h>
 #include <sys/types.h>
 
+#include <string>
+
+#include <android-base/logging.h>
 #include <bspatch.h>
+#include <openssl/sha.h>
 
 #include "applypatch/applypatch.h"
-#include "openssl/sha.h"
+#include "print_sha1.h"
 
 void ShowBSDiffLicense() {
     puts("The bsdiff library used herein is:\n"
@@ -60,25 +64,31 @@ void ShowBSDiffLicense() {
         );
 }
 
-int ApplyBSDiffPatch(const unsigned char* old_data, ssize_t old_size, const Value* patch,
-                     ssize_t patch_offset, SinkFn sink, void* token, SHA_CTX* ctx) {
-  auto sha_sink = [&](const uint8_t* data, size_t len) {
-    len = sink(data, len, token);
+int ApplyBSDiffPatch(const unsigned char* old_data, size_t old_size, const Value* patch,
+                     size_t patch_offset, SinkFn sink, SHA_CTX* ctx) {
+  auto sha_sink = [&sink, &ctx](const uint8_t* data, size_t len) {
+    len = sink(data, len);
     if (ctx) SHA1_Update(ctx, data, len);
     return len;
   };
-  return bsdiff::bspatch(old_data, old_size,
-                         reinterpret_cast<const uint8_t*>(&patch->data[patch_offset]),
-                         patch->data.size(), sha_sink);
-}
 
-int ApplyBSDiffPatchMem(const unsigned char* old_data, ssize_t old_size, const Value* patch,
-                        ssize_t patch_offset, std::vector<unsigned char>* new_data) {
-  auto vector_sink = [new_data](const uint8_t* data, size_t len) {
-    new_data->insert(new_data->end(), data, data + len);
-    return len;
-  };
-  return bsdiff::bspatch(old_data, old_size,
-                         reinterpret_cast<const uint8_t*>(&patch->data[patch_offset]),
-                         patch->data.size(), vector_sink);
-}
+  CHECK(patch != nullptr);
+  CHECK_LE(patch_offset, patch->data.size());
+
+  int result = bsdiff::bspatch(old_data, old_size,
+                               reinterpret_cast<const uint8_t*>(&patch->data[patch_offset]),
+                               patch->data.size() - patch_offset, sha_sink);
+  if (result != 0) {
+    LOG(ERROR) << "bspatch failed, result: " << result;
+    // print SHA1 of the patch in the case of a data error.
+    if (result == 2) {
+      uint8_t digest[SHA_DIGEST_LENGTH];
+      SHA1(reinterpret_cast<const uint8_t*>(patch->data.data() + patch_offset),
+           patch->data.size() - patch_offset, digest);
+      std::string patch_sha1 = print_sha1(digest);
+      LOG(ERROR) << "Patch may be corrupted, offset: " << patch_offset << ", SHA1: "
+                 << patch_sha1;
+    }
+  }
+  return result;
+}
\ No newline at end of file

applypatch/imgdiff.cpp

@@ -693,6 +693,20 @@ static bool ReadImage(const char* filename, std::vector<ImageChunk>* chunks,
         continue;
       }
 
+      // The footer contains the size of the uncompressed data.  Double-check to make sure that it
+      // matches the size of the data we got when we actually did the decompression.
+      size_t footer_index = pos + raw_data_len + GZIP_FOOTER_LEN - 4;
+      if (sz - footer_index < 4) {
+        printf("Warning: invalid footer position; treating as a nomal chunk\n");
+        continue;
+      }
+      size_t footer_size = get_unaligned<uint32_t>(img->data() + footer_index);
+      if (footer_size != uncompressed_len) {
+        printf("Warning: footer size %zu != decompressed size %zu; treating as a nomal chunk\n",
+               footer_size, uncompressed_len);
+        continue;
+      }
+
       ImageChunk body(CHUNK_DEFLATE, pos, img, raw_data_len);
       uncompressed_data.resize(uncompressed_len);
       body.SetUncompressedData(std::move(uncompressed_data));
@@ -704,17 +718,6 @@ static bool ReadImage(const char* filename, std::vector<ImageChunk>* chunks,
       chunks->emplace_back(CHUNK_NORMAL, pos, img, GZIP_FOOTER_LEN);
 
       pos += GZIP_FOOTER_LEN;
-
-      // The footer (that we just skipped over) contains the size of
-      // the uncompressed data.  Double-check to make sure that it
-      // matches the size of the data we got when we actually did
-      // the decompression.
-      size_t footer_size = get_unaligned<uint32_t>(img->data() + pos - 4);
-      if (footer_size != body.DataLengthForPatch()) {
-        printf("Error: footer size %zu != decompressed size %zu\n", footer_size,
-               body.GetRawDataLength());
-        return false;
-      }
     } else {
       // Use a normal chunk to take all the contents until the next gzip chunk (or EOF); we expect
       // the number of chunks to be small (5 for typical boot and recovery images).

applypatch/imgdiff_test.sh

-#!/bin/bash
-#
-# A script for testing imgdiff/applypatch.  It takes two full OTA
-# packages as arguments.  It generates (on the host) patches for all
-# the zip/jar/apk files they have in common, as well as boot and
-# recovery images.  It then applies the patches on the device (or
-# emulator) and checks that the resulting file is correct.
-
-EMULATOR_PORT=5580
-
-# set to 0 to use a device instead
-USE_EMULATOR=0
-
-# where on the device to do all the patching.
-WORK_DIR=/data/local/tmp
-
-START_OTA_PACKAGE=$1
-END_OTA_PACKAGE=$2
-
-# ------------------------
-
-tmpdir=$(mktemp -d)
-
-if [ "$USE_EMULATOR" == 1 ]; then
-  emulator -wipe-data -noaudio -no-window -port $EMULATOR_PORT &
-  pid_emulator=$!
-  ADB="adb -s emulator-$EMULATOR_PORT "
-else
-  ADB="adb -d "
-fi
-
-echo "waiting to connect to device"
-$ADB wait-for-device
-
-# run a command on the device; exit with the exit status of the device
-# command.
-run_command() {
-  $ADB shell "$@" \; echo \$? | awk '{if (b) {print a}; a=$0; b=1} END {exit a}'
-}
-
-testname() {
-  echo
-  echo "$1"...
-  testname="$1"
-}
-
-fail() {
-  echo
-  echo FAIL: $testname
-  echo
-  [ "$open_pid" == "" ] || kill $open_pid
-  [ "$pid_emulator" == "" ] || kill $pid_emulator
-  exit 1
-}
-
-sha1() {
-  sha1sum $1 | awk '{print $1}'
-}
-
-size() {
-  stat -c %s $1 | tr -d '\n'
-}
-
-cleanup() {
-  # not necessary if we're about to kill the emulator, but nice for
-  # running on real devices or already-running emulators.
-  testname "removing test files"
-  run_command rm $WORK_DIR/applypatch
-  run_command rm $WORK_DIR/source
-  run_command rm $WORK_DIR/target
-  run_command rm $WORK_DIR/patch
-
-  [ "$pid_emulator" == "" ] || kill $pid_emulator
-
-  rm -rf $tmpdir
-}
-
-$ADB push $ANDROID_PRODUCT_OUT/system/bin/applypatch $WORK_DIR/applypatch
-
-patch_and_apply() {
-  local fn=$1
-  shift
-
-  unzip -p $START_OTA_PACKAGE $fn > $tmpdir/source
-  unzip -p $END_OTA_PACKAGE $fn > $tmpdir/target
-  imgdiff "$@" $tmpdir/source $tmpdir/target $tmpdir/patch
-  bsdiff $tmpdir/source $tmpdir/target $tmpdir/patch.bs
-  echo "patch for $fn is $(size $tmpdir/patch) [of $(size $tmpdir/target)] ($(size $tmpdir/patch.bs) with bsdiff)"
-  echo "$fn $(size $tmpdir/patch) of $(size $tmpdir/target) bsdiff $(size $tmpdir/patch.bs)" >> /tmp/stats.txt
-  $ADB push $tmpdir/source $WORK_DIR/source || fail "source push failed"
-  run_command rm /data/local/tmp/target
-  $ADB push $tmpdir/patch $WORK_DIR/patch || fail "patch push failed"
-  run_command /data/local/tmp/applypatch /data/local/tmp/source \
-    /data/local/tmp/target $(sha1 $tmpdir/target) $(size $tmpdir/target) \
-    $(sha1 $tmpdir/source):/data/local/tmp/patch \
-    || fail "applypatch of $fn failed"
-  $ADB pull /data/local/tmp/target $tmpdir/result
-  diff -q $tmpdir/target $tmpdir/result || fail "patch output not correct!"
-}
-
-# --------------- basic execution ----------------------
-
-for i in $((zipinfo -1 $START_OTA_PACKAGE; zipinfo -1 $END_OTA_PACKAGE) | \
-           sort | uniq -d | egrep -e '[.](apk|jar|zip)$'); do
-  patch_and_apply $i -z
-done
-patch_and_apply boot.img
-patch_and_apply system/recovery.img
-
-
-# --------------- cleanup ----------------------
-
-cleanup
-
-echo
-echo PASS
-echo
-

applypatch/imgpatch.cpp

@@ -26,12 +26,14 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
+#include <memory>
 #include <string>
 #include <vector>
 
+#include <android-base/logging.h>
+#include <android-base/memory.h>
 #include <applypatch/applypatch.h>
 #include <applypatch/imgdiff.h>
-#include <android-base/memory.h>
 #include <openssl/sha.h>
 #include <zlib.h>
 
@@ -43,12 +45,91 @@ static inline int32_t Read4(const void *address) {
   return android::base::get_unaligned<int32_t>(address);
 }
 
-int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size,
-                    const unsigned char* patch_data, ssize_t patch_size,
-                    SinkFn sink, void* token) {
+// This function is a wrapper of ApplyBSDiffPatch(). It has a custom sink function to deflate the
+// patched data and stream the deflated data to output.
+static bool ApplyBSDiffPatchAndStreamOutput(const uint8_t* src_data, size_t src_len,
+                                            const Value* patch, size_t patch_offset,
+                                            const char* deflate_header, SinkFn sink, SHA_CTX* ctx) {
+  size_t expected_target_length = static_cast<size_t>(Read8(deflate_header + 32));
+  int level = Read4(deflate_header + 40);
+  int method = Read4(deflate_header + 44);
+  int window_bits = Read4(deflate_header + 48);
+  int mem_level = Read4(deflate_header + 52);
+  int strategy = Read4(deflate_header + 56);
+
+  std::unique_ptr<z_stream, decltype(&deflateEnd)> strm(new z_stream(), deflateEnd);
+  strm->zalloc = Z_NULL;
+  strm->zfree = Z_NULL;
+  strm->opaque = Z_NULL;
+  strm->avail_in = 0;
+  strm->next_in = nullptr;
+  int ret = deflateInit2(strm.get(), level, method, window_bits, mem_level, strategy);
+  if (ret != Z_OK) {
+    LOG(ERROR) << "Failed to init uncompressed data deflation: " << ret;
+    return false;
+  }
+
+  // Define a custom sink wrapper that feeds to bspatch. It deflates the available patch data on
+  // the fly and outputs the compressed data to the given sink.
+  size_t actual_target_length = 0;
+  size_t total_written = 0;
+  static constexpr size_t buffer_size = 32768;
+  auto compression_sink = [&](const uint8_t* data, size_t len) -> size_t {
+    // The input patch length for an update never exceeds INT_MAX.
+    strm->avail_in = len;
+    strm->next_in = data;
+    do {
+      std::vector<uint8_t> buffer(buffer_size);
+      strm->avail_out = buffer_size;
+      strm->next_out = buffer.data();
+      if (actual_target_length + len < expected_target_length) {
+        ret = deflate(strm.get(), Z_NO_FLUSH);
+      } else {
+        ret = deflate(strm.get(), Z_FINISH);
+      }
+      if (ret != Z_OK && ret != Z_STREAM_END) {
+        LOG(ERROR) << "Failed to deflate stream: " << ret;
+        // zero length indicates an error in the sink function of bspatch().
+        return 0;
+      }
+
+      size_t have = buffer_size - strm->avail_out;
+      total_written += have;
+      if (sink(buffer.data(), have) != have) {
+        LOG(ERROR) << "Failed to write " << have << " compressed bytes to output.";
+        return 0;
+      }
+      if (ctx) SHA1_Update(ctx, buffer.data(), have);
+    } while ((strm->avail_in != 0 || strm->avail_out == 0) && ret != Z_STREAM_END);
+
+    actual_target_length += len;
+    return len;
+  };
+
+  if (ApplyBSDiffPatch(src_data, src_len, patch, patch_offset, compression_sink, nullptr) != 0) {
+    return false;
+  }
+
+  if (ret != Z_STREAM_END) {
+    LOG(ERROR) << "ret is expected to be Z_STREAM_END, but it's " << ret;
+    return false;
+  }
+
+  if (expected_target_length != actual_target_length) {
+    LOG(ERROR) << "target length is expected to be " << expected_target_length << ", but it's "
+               << actual_target_length;
+    return false;
+  }
+  LOG(DEBUG) << "bspatch writes " << total_written << " bytes in total to streaming output.";
+
+  return true;
+}
+
+int ApplyImagePatch(const unsigned char* old_data, size_t old_size, const unsigned char* patch_data,
+                    size_t patch_size, SinkFn sink) {
   Value patch(VAL_BLOB, std::string(reinterpret_cast<const char*>(patch_data), patch_size));
 
-  return ApplyImagePatch(old_data, old_size, &patch, sink, token, nullptr, nullptr);
+  return ApplyImagePatch(old_data, old_size, &patch, sink, nullptr, nullptr);
 }
 
 /*
@@ -57,8 +138,8 @@ int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size,
  * file, and update the SHA context with the output data as well.
  * Return 0 on success.
  */
-int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size, const Value* patch,
-                    SinkFn sink, void* token, SHA_CTX* ctx, const Value* bonus_data) {
+int ApplyImagePatch(const unsigned char* old_data, size_t old_size, const Value* patch, SinkFn sink,
+                    SHA_CTX* ctx, const Value* bonus_data) {
   if (patch->data.size() < 12) {
     printf("patch too short to contain header\n");
     return -1;
@@ -97,11 +178,14 @@ int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size, const Value
       size_t src_len = static_cast<size_t>(Read8(normal_header + 8));
       size_t patch_offset = static_cast<size_t>(Read8(normal_header + 16));
 
-      if (src_start + src_len > static_cast<size_t>(old_size)) {
+      if (src_start + src_len > old_size) {
         printf("source data too short\n");
         return -1;
       }
-      ApplyBSDiffPatch(old_data + src_start, src_len, patch, patch_offset, sink, token, ctx);
+      if (ApplyBSDiffPatch(old_data + src_start, src_len, patch, patch_offset, sink, ctx) != 0) {
+        printf("Failed to apply bsdiff patch.\n");
+        return -1;
+      }
     } else if (type == CHUNK_RAW) {
       const char* raw_header = &patch->data[pos];
       pos += 4;
@@ -110,15 +194,14 @@ int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size, const Value
         return -1;
       }
 
-      ssize_t data_len = Read4(raw_header);
+      size_t data_len = static_cast<size_t>(Read4(raw_header));
 
       if (pos + data_len > patch->data.size()) {
         printf("failed to read chunk %d raw data\n", i);
         return -1;
       }
       if (ctx) SHA1_Update(ctx, &patch->data[pos], data_len);
-      if (sink(reinterpret_cast<const unsigned char*>(&patch->data[pos]), data_len, token) !=
-          data_len) {
+      if (sink(reinterpret_cast<const unsigned char*>(&patch->data[pos]), data_len) != data_len) {
         printf("failed to write chunk %d raw data\n", i);
         return -1;
       }
@@ -136,14 +219,8 @@ int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size, const Value
       size_t src_len = static_cast<size_t>(Read8(deflate_header + 8));
       size_t patch_offset = static_cast<size_t>(Read8(deflate_header + 16));
       size_t expanded_len = static_cast<size_t>(Read8(deflate_header + 24));
-      size_t target_len = static_cast<size_t>(Read8(deflate_header + 32));
-      int level = Read4(deflate_header + 40);
-      int method = Read4(deflate_header + 44);
-      int windowBits = Read4(deflate_header + 48);
-      int memLevel = Read4(deflate_header + 52);
-      int strategy = Read4(deflate_header + 56);
-
-      if (src_start + src_len > static_cast<size_t>(old_size)) {
+
+      if (src_start + src_len > old_size) {
         printf("source data too short\n");
         return -1;
       }
@@ -198,58 +275,12 @@ int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size, const Value
         }
       }
 
-      // Next, apply the bsdiff patch (in memory) to the uncompressed data.
-      std::vector<unsigned char> uncompressed_target_data;
-      // TODO(senj): Remove the only usage of ApplyBSDiffPatchMem here,
-      // replace it with ApplyBSDiffPatch with a custom sink function that
-      // wraps the given sink function to stream output to save memory.
-      if (ApplyBSDiffPatchMem(expanded_source.data(), expanded_len, patch, patch_offset,
-                              &uncompressed_target_data) != 0) {
-        return -1;
-      }
-      if (uncompressed_target_data.size() != target_len) {
-        printf("expected target len to be %zu, but it's %zu\n", target_len,
-               uncompressed_target_data.size());
+      if (!ApplyBSDiffPatchAndStreamOutput(expanded_source.data(), expanded_len, patch,