fastboot: Handle libsparse failures better. sparse_file_len is not actually infallible; on Windows it's pretty easy to make it fail by embedding large files in the stream. fastboot didn't handle this anywhere, leading to bad sparse images when libsparse runs out of address space. Bug: 273933042 Bug: 268872725 Test: fastboot flashall on Windows Change-Id: Ie68aed2f1970e820350d9f97aa89a6c0242229b8

commit: 74c7807af1fffdf81b93144389a10abfa5c969c1 [log] [tgz]
author: David Anderson <dvander@google.com> Thu Mar 16 21:21:28 2023 -0700
committer: David Anderson <dvander@google.com> Mon Mar 20 15:55:57 2023 -0700
tree: 826d1f7d21575e5de32b6cfe7fcbc8e854b92362
parent: f06debcf24509a2bd33ebae51aaeffdc675fc2be [diff]
diff --git a/fastboot/fastboot.cpp b/fastboot/fastboot.cpp
index 15d1874..3cb878d 100644
--- a/fastboot/fastboot.cpp
+++ b/fastboot/fastboot.cpp

@@ -988,7 +988,7 @@
     }
 
     const int files = sparse_file_resparse(s, max_size, nullptr, 0);
-    if (files < 0) die("Failed to resparse");
+    if (files < 0) die("Failed to compute resparse boundaries");
 
     auto temp = std::make_unique<sparse_file*[]>(files);
     const int rv = sparse_file_resparse(s, max_size, temp.get(), files);
@@ -1057,6 +1057,10 @@
 
     if (sparse_file* s = sparse_file_import(fd.get(), false, false)) {
         buf->image_size = sparse_file_len(s, false, false);
+        if (buf->image_size < 0) {
+            LOG(ERROR) << "Could not compute length of sparse file";
+            return false;
+        }
         sparse_file_destroy(s);
     } else {
         buf->image_size = sz;
@@ -1166,15 +1170,6 @@
     return fb->GetVar("is-logical:" + partition, &value) == fastboot::SUCCESS && value == "yes";
 }
 
-static std::string fb_fix_numeric_var(std::string var) {
-    // Some bootloaders (angler, for example), send spurious leading whitespace.
-    var = android::base::Trim(var);
-    // Some bootloaders (hammerhead, for example) use implicit hex.
-    // This code used to use strtol with base 16.
-    if (!android::base::StartsWith(var, "0x")) var = "0x" + var;
-    return var;
-}
-
 static uint64_t get_partition_size(const std::string& partition) {
     std::string partition_size_str;
     if (fb->GetVar("partition-size:" + partition, &partition_size_str) != fastboot::SUCCESS) {
@@ -1247,6 +1242,9 @@
     for (size_t i = 0; i < files.size(); i++) {
         sparse_file* s = files[i].get();
         int64_t sz = sparse_file_len(s, true, false);
+        if (sz < 0) {
+            LOG(FATAL) << "Could not compute length of sparse image for " << partition;
+        }
         fb->FlashPartition(partition, s, sz, i + 1, files.size());
     }
 }

diff --git a/fastboot/task.cpp b/fastboot/task.cpp
index c70139b..b21558c 100644
--- a/fastboot/task.cpp
+++ b/fastboot/task.cpp

@@ -19,6 +19,8 @@
 #include "filesystem.h"
 #include "super_flash_helper.h"
 
+#include <android-base/parseint.h>
+
 using namespace std::string_literals;
 
 FlashTask::FlashTask(const std::string& slot, const std::string& pname)
@@ -70,14 +72,18 @@
 
 FlashSuperLayoutTask::FlashSuperLayoutTask(const std::string& super_name,
                                            std::unique_ptr<SuperFlashHelper> helper,
-                                           SparsePtr sparse_layout)
+                                           SparsePtr sparse_layout, uint64_t super_size)
     : super_name_(super_name),
       helper_(std::move(helper)),
-      sparse_layout_(std::move(sparse_layout)) {}
+      sparse_layout_(std::move(sparse_layout)),
+      super_size_(super_size) {}
 
 void FlashSuperLayoutTask::Run() {
+    // Use the reported super partition size as the upper limit, rather than
+    // sparse_file_len, which (1) can fail and (2) is kind of expensive, since
+    // it will map in all of the embedded fds.
     std::vector<SparsePtr> files;
-    if (int limit = get_sparse_limit(sparse_file_len(sparse_layout_.get(), false, false))) {
+    if (int limit = get_sparse_limit(super_size_)) {
         files = resparse_file(sparse_layout_.get(), limit);
     } else {
         files.emplace_back(std::move(sparse_layout_));
@@ -111,12 +117,19 @@
     if (fp->fb->GetVar("super-partition-name", &super_name) != fastboot::SUCCESS) {
         super_name = "super";
     }
-    std::string partition_size_str;
 
+    uint64_t partition_size;
+    std::string partition_size_str;
     if (fp->fb->GetVar("partition-size:" + super_name, &partition_size_str) != fastboot::SUCCESS) {
         LOG(VERBOSE) << "Cannot optimize super flashing: could not determine super partition";
         return nullptr;
     }
+    partition_size_str = fb_fix_numeric_var(partition_size_str);
+    if (!android::base::ParseUint(partition_size_str, &partition_size)) {
+        LOG(VERBOSE) << "Could not parse " << super_name << " size: " << partition_size_str;
+        return nullptr;
+    }
+
     std::unique_ptr<SuperFlashHelper> helper = std::make_unique<SuperFlashHelper>(*fp->source);
     if (!helper->Open(fd)) {
         return nullptr;
@@ -140,7 +153,8 @@
     };
     os_images.erase(std::remove_if(os_images.begin(), os_images.end(), remove_if_callback),
                     os_images.end());
-    return std::make_unique<FlashSuperLayoutTask>(super_name, std::move(helper), std::move(s));
+    return std::make_unique<FlashSuperLayoutTask>(super_name, std::move(helper), std::move(s),
+                                                  partition_size);
 }
 
 UpdateSuperTask::UpdateSuperTask(FlashingPlan* fp) : fp_(fp) {}

diff --git a/fastboot/task.h b/fastboot/task.h
index 149c34c..c4914d1 100644
--- a/fastboot/task.h
+++ b/fastboot/task.h

@@ -57,7 +57,7 @@
 class FlashSuperLayoutTask : public Task {
   public:
     FlashSuperLayoutTask(const std::string& super_name, std::unique_ptr<SuperFlashHelper> helper,
-                         SparsePtr sparse_layout);
+                         SparsePtr sparse_layout, uint64_t super_size);
     static std::unique_ptr<FlashSuperLayoutTask> Initialize(FlashingPlan* fp,
                                                             std::vector<ImageEntry>& os_images);
     using ImageEntry = std::pair<const Image*, std::string>;
@@ -67,6 +67,7 @@
     const std::string super_name_;
     std::unique_ptr<SuperFlashHelper> helper_;
     SparsePtr sparse_layout_;
+    uint64_t super_size_;
 };
 
 class UpdateSuperTask : public Task {

diff --git a/fastboot/util.cpp b/fastboot/util.cpp
index ded54a5..e03012a 100644
--- a/fastboot/util.cpp
+++ b/fastboot/util.cpp

@@ -33,6 +33,9 @@
 #include <sys/stat.h>
 #include <sys/time.h>
 
+#include <android-base/parseint.h>
+#include <android-base/strings.h>
+
 #include "util.h"
 
 using android::base::borrowed_fd;
@@ -106,3 +109,12 @@
     }
     return sb.st_size;
 }
+
+std::string fb_fix_numeric_var(std::string var) {
+    // Some bootloaders (angler, for example), send spurious leading whitespace.
+    var = android::base::Trim(var);
+    // Some bootloaders (hammerhead, for example) use implicit hex.
+    // This code used to use strtol with base 16.
+    if (!android::base::StartsWith(var, "0x")) var = "0x" + var;
+    return var;
+}

diff --git a/fastboot/util.h b/fastboot/util.h
index 290d0d5..fdbc1d6 100644
--- a/fastboot/util.h
+++ b/fastboot/util.h

@@ -30,6 +30,7 @@
                                const std::string& partition_name);
 bool is_sparse_file(android::base::borrowed_fd fd);
 int64_t get_file_size(android::base::borrowed_fd fd);
+std::string fb_fix_numeric_var(std::string var);
 
 class ImageSource {
   public:
commit	74c7807af1fffdf81b93144389a10abfa5c969c1	[log] [tgz]
author	David Anderson <dvander@google.com>	Thu Mar 16 21:21:28 2023 -0700
committer	David Anderson <dvander@google.com>	Mon Mar 20 15:55:57 2023 -0700
tree	826d1f7d21575e5de32b6cfe7fcbc8e854b92362
parent	f06debcf24509a2bd33ebae51aaeffdc675fc2be [diff]