fastboot: sparse_file_len() returns int64_t.
Check that the value fits in uint32_t that's supported by the current
protocol.
Also fix and sanity check the max_size before passing it to
sparse_file_resparse(), which accepts `unsigned int`. This shouldn't
happen in practice because of RESPARSE_LIMIT (1 GiB).
Test: `fastboot flash` with small and large images.
Change-Id: I0a8279fc14c54c40a70ddce65c3b25173c0d0a40
diff --git a/fastboot/protocol.cpp b/fastboot/protocol.cpp
index a089567..7a333ee 100644
--- a/fastboot/protocol.cpp
+++ b/fastboot/protocol.cpp
@@ -344,12 +344,12 @@
}
int fb_download_data_sparse(Transport* transport, struct sparse_file* s) {
- int size = sparse_file_len(s, true, false);
- if (size <= 0) {
+ int64_t size = sparse_file_len(s, true, false);
+ if (size <= 0 || size > std::numeric_limits<uint32_t>::max()) {
return -1;
}
- std::string cmd(android::base::StringPrintf("download:%08x", size));
+ std::string cmd(android::base::StringPrintf("download:%08" PRIx64, size));
int r = _command_start(transport, cmd, size, 0);
if (r < 0) {
return -1;