* [PATCH] mtd-utils: Check mtdoffset is not larger than mtd.size in case of a bad block.
@ 2012-06-26 21:46 Tomer Barletz
2012-06-29 8:32 ` Artem Bityutskiy
0 siblings, 1 reply; 2+ messages in thread
From: Tomer Barletz @ 2012-06-26 21:46 UTC (permalink / raw)
To: linux-mtd
mtdoffset is being tested against mtd.size in the outer two loops, but
the third nested one does not test against it.
In case of a bad block we'll try to access an out of bounds offset in
the next MEMGETBADBLOCK ioctl, which will fail with EINVAL.
In case mtdoffset is indeed larger than the partition size, we need to
bail, since there are not enough "good" blocks to complete the write.
Signed-off-by: Tomer Barletz <barletz@gmail.com>
---
nandwrite.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/nandwrite.c b/nandwrite.c
index a42f7c9..8bd00c1 100644
--- a/nandwrite.c
+++ b/nandwrite.c
@@ -399,6 +399,11 @@ int main(int argc, char * const argv[])
if (baderaseblock) {
mtdoffset = blockstart + ebsize_aligned;
+
+ if (mtdoffset > mtd.size) {
+ perror("Too many bad blocks - cannot complete request.");
+ goto closeall;
+ }
}
offs += ebsize_aligned / blockalign;
} while (offs < blockstart + ebsize_aligned);
--
1.7.1
--Tomer
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] mtd-utils: Check mtdoffset is not larger than mtd.size in case of a bad block.
2012-06-26 21:46 [PATCH] mtd-utils: Check mtdoffset is not larger than mtd.size in case of a bad block Tomer Barletz
@ 2012-06-29 8:32 ` Artem Bityutskiy
0 siblings, 0 replies; 2+ messages in thread
From: Artem Bityutskiy @ 2012-06-29 8:32 UTC (permalink / raw)
To: Tomer Barletz; +Cc: linux-mtd
[-- Attachment #1: Type: text/plain, Size: 595 bytes --]
On Tue, 2012-06-26 at 14:46 -0700, Tomer Barletz wrote:
> mtdoffset is being tested against mtd.size in the outer two loops, but
> the third nested one does not test against it.
> In case of a bad block we'll try to access an out of bounds offset in
> the next MEMGETBADBLOCK ioctl, which will fail with EINVAL.
> In case mtdoffset is indeed larger than the partition size, we need to
> bail, since there are not enough "good" blocks to complete the write.
>
> Signed-off-by: Tomer Barletz <barletz@gmail.com>
Pushed to mtd-utils, thanks!
--
Best Regards,
Artem Bityutskiy
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-06-29 8:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-06-26 21:46 [PATCH] mtd-utils: Check mtdoffset is not larger than mtd.size in case of a bad block Tomer Barletz
2012-06-29 8:32 ` Artem Bityutskiy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.