Marc Jones (marc.jones@se-eng.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/7205
-gerrit
commit e08e0287b1e47ca70ac1a6e3bcbcd2cd202e3e33 Author: Gabe Black gabeblack@google.com Date: Fri Feb 21 01:01:06 2014 -0800
cbfstool: If compression fails, warn and use the uncompressed data.
The LZMA compression algorithm, currently the only one available, will fail if you ask it to write more data to the output than you've given it space for. The code that calls into LZMA allocates an output buffer the same size as the input, so if compression increases the size of the output the call will fail. The caller(s) were written to assume that the call succeeded and check the returned length to see if the size would have increased, but that will never happen with LZMA.
Rather than try to rework the LZMA library to dynamically resize the output buffer or try to guess what the maximal size the data could expand to is, this change makes the caller simply print a warning and disable compression if the call failed for some reason.
This may lead to images that are larger than necessary if compression fails for some other reason and the user doesn't notice, but since compression errors were ignored entirely until very recently that will hopefully not be a problem in practice, and we should be guarnateed to at least produce a correct image.
Original-Change-Id: I5f59529c2d48e9c4c2e011018b40ec336c4fcca8 Original-Signed-off-by: Gabe Black gabeblack@google.com Original-Reviewed-on: https://chromium-review.googlesource.com/187365 Original-Reviewed-by: David Hendricks dhendrix@chromium.org Original-Tested-by: Gabe Black gabeblack@chromium.org Original-Commit-Queue: Gabe Black gabeblack@chromium.org (cherry picked from commit b9f622a554d5fb9a9aff839c64e11acb27785f13) Signed-off-by: Isaac Christensen isaac.christensen@se-eng.com
Change-Id: I97897ce49ee970eba095b64b3464236654b2fd42 --- util/cbfstool/cbfs-mkpayload.c | 46 ++++++++++++++++++------------------------ util/cbfstool/cbfs-mkstage.c | 11 +++++++--- 2 files changed, 28 insertions(+), 29 deletions(-)
diff --git a/util/cbfstool/cbfs-mkpayload.c b/util/cbfstool/cbfs-mkpayload.c index 38cc482..191e4e7 100644 --- a/util/cbfstool/cbfs-mkpayload.c +++ b/util/cbfstool/cbfs-mkpayload.c @@ -206,26 +206,24 @@ int parse_elf_to_payload(const struct buffer *input, segs[segments].type = PAYLOAD_SEGMENT_DATA; segs[segments].load_addr = phdr[i].p_paddr; segs[segments].mem_len = phdr[i].p_memsz; - segs[segments].compression = algo; segs[segments].offset = doffset;
+ /* If the compression failed or made the section is larger, + use the original stuff */ + int len; if (compress((char *)&header[phdr[i].p_offset], - phdr[i].p_filesz, output->data + doffset, &len)) { - buffer_delete(output); - ret = -1; - goto out; - } - segs[segments].len = len; - - /* If the compressed section is larger, then use the - original stuff */ - - if ((unsigned int)len > phdr[i].p_filesz) { + phdr[i].p_filesz, output->data + doffset, &len) || + (unsigned int)len > phdr[i].p_filesz) { + WARN("Compression failed or would make the data bigger " + "- disabled.\n"); segs[segments].compression = 0; segs[segments].len = phdr[i].p_filesz; memcpy(output->data + doffset, &header[phdr[i].p_offset], phdr[i].p_filesz); + } else { + segs[segments].compression = algo; + segs[segments].len = len; }
doffset += segs[segments].len; @@ -275,15 +273,13 @@ int parse_flat_binary_to_payload(const struct buffer *input, segs[0].mem_len = input->size; segs[0].offset = doffset;
- if (compress(input->data, input->size, output->data + doffset, &len)) { - buffer_delete(output); - return -1; - } + if (!compress(input->data, input->size, output->data + doffset, &len) && + (unsigned int)len < input->size) { segs[0].compression = algo; segs[0].len = len; - - if ((unsigned int)len >= input->size) { - WARN("Compressing data would make it bigger - disabled.\n"); + } else { + WARN("Compression failed or would make the data bigger " + "- disabled.\n"); segs[0].compression = 0; segs[0].len = input->size; memcpy(output->data + doffset, input->data, input->size); @@ -404,15 +400,13 @@ int parse_fv_to_payload(const struct buffer *input, segs[0].mem_len = input->size; segs[0].offset = doffset;
- if (compress(input->data, input->size, output->data + doffset, &len)) { - buffer_delete(output); - return -1; - } + if (!compress(input->data, input->size, output->data + doffset, &len) && + (unsigned int)len < input->size) { segs[0].compression = algo; segs[0].len = len; - - if ((unsigned int)len >= input->size) { - WARN("Compressing data would make it bigger - disabled.\n"); + } else { + WARN("Compression failed or would make the data bigger " + "- disabled.\n"); segs[0].compression = 0; segs[0].len = input->size; memcpy(output->data + doffset, input->data, input->size); diff --git a/util/cbfstool/cbfs-mkstage.c b/util/cbfstool/cbfs-mkstage.c index 8c77ee5..4a2f4d8 100644 --- a/util/cbfstool/cbfs-mkstage.c +++ b/util/cbfstool/cbfs-mkstage.c @@ -155,12 +155,17 @@ int parse_elf_to_stage(const struct buffer *input, struct buffer *output, * to fill out the header. This seems backward but it works because * - the output header is a known size (not always true in many xdr's) * - we do need to know the compressed output size first + * If compression fails or makes the data bigger, we'll warn about it + * and use the original data. */ if (compress(buffer, data_end - data_start, (output->data + sizeof(struct cbfs_stage)), - &outlen) < 0) { - free(buffer); - return -1; + &outlen) < 0 || outlen > data_end - data_start) { + WARN("Compression failed or would make the data bigger " + "- disabled.\n"); + memcpy(output->data + sizeof(struct cbfs_stage), + buffer, data_end - data_start); + algo = CBFS_COMPRESS_NONE; } free(buffer);