update_engine: Limit bsdiff to 200 MiB files.
bsdiff and bspatch require a lot of RAM and time to run over very big
files. In released ChromeOS images, the biggest file is chrome with
a size of about 130 MiB in the worst case (link). Nevertheless,
ChromiumOS builds for ASan have much bigger files due to the memory
instrumentation.
This patch limit the usage of bsdiff/bspatch to files under 200 MiB,
something that should not affect any released board.
BUG=chromium:329248
TEST=cbuildbot amd64-generic-asan enabling the full vm_test
Change-Id: I24b6c9e56525858dab3758af8eddfe3acdf12e75
Reviewed-on: https://chromium-review.googlesource.com/219201
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
diff --git a/payload_generator/delta_diff_generator.cc b/payload_generator/delta_diff_generator.cc
index ee5a79b..f960377 100644
--- a/payload_generator/delta_diff_generator.cc
+++ b/payload_generator/delta_diff_generator.cc
@@ -63,6 +63,13 @@
const size_t kBlockSize = 4096; // bytes
const char kEmptyPath[] = "";
+// The maximum destination size allowed for bsdiff. In general, bsdiff should
+// work for arbitrary big files, but the payload generation and payload
+// application requires a significant amount of RAM. We put a hard-limit of
+// 200 MiB that should not affect any released board, but will limit the
+// Chrome binary in ASan builders.
+const off_t kMaxBsdiffDestinationSize = 200 * 1024 * 1024; // bytes
+
static const char* kInstallOperationTypes[] = {
"REPLACE",
"REPLACE_BZ",
@@ -132,6 +139,9 @@
// TODO(dgarrett): chromium-os:15274 connect this test to the command line.
bool bsdiff_allowed = true;
+ if (utils::FileSize(new_root + path) > kMaxBsdiffDestinationSize)
+ bsdiff_allowed = false;
+
if (!bsdiff_allowed)
LOG(INFO) << "bsdiff blacklisting: " << path;