5 Commits

Author SHA1 Message Date
Igor Opaniuk
9254e0d5c1 gpt: mitigate buffer overflow risk for lba buffer
The `part_entry_lba` field in `struct gpt_header` is uint64_t, but
the local `lba` variable was declared as `unsigned int`, silently
truncating values above UINT_MAX. The buffer `lba_buf[10]` is also
too small: a 64-bit value can be up to 20 decimal digits, requiring
at least 21 bytes including the null terminator. Combined with an
unchecked sprintf(), this is a stack buffer overflow for any LBA
value exceeding 9 digits.

Fix by:
- declaring `lba` as uint64_t to match the source type
- increasing lba_buf to 21 bytes
- using snprintf() with sizeof to prevent overruns
- using PRIu64 as the correct format specifier

Signed-off-by: Igor Opaniuk <igor.opaniuk@oss.qualcomm.com>
2026-02-13 10:11:53 +01:00
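The bug class described in this commit (a 64-bit field narrowed to `unsigned int`, a 10-byte stack buffer, and an unbounded `sprintf()`), shown as an added example that is not qdl's own code. The `struct gpt_header_stub` is a stand-in for the real `struct gpt_header` and contains only the field under discussion (an assumption made for brevity); the unsafe path only computes how many bytes the old `sprintf()` would have written and never performs the unchecked write, while `format_lba()` is the hardened shape the commit describes:

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the header field discussed in the commit. Assumption: the
 * real struct gpt_header in qdl has more fields; only this one matters here. */
struct gpt_header_stub {
    uint64_t part_entry_lba;
};

/* What the pre-fix declaration `unsigned int lba = hdr->part_entry_lba;`
 * did to the value: only the low 32 bits survive. */
unsigned int truncated_lba(uint64_t part_entry_lba)
{
    unsigned int lba = (unsigned int)part_entry_lba; /* silent truncation */
    return lba;
}

/* Decimal characters needed to print v, plus the terminating NUL. */
size_t decimal_len_with_nul(uint64_t v)
{
    return (size_t)snprintf(NULL, 0, "%" PRIu64, v) + 1;
}

/* Would the pre-fix layout (unsigned int lba, char lba_buf[10], sprintf)
 * have written past lba_buf for this header value? Truncation is applied
 * first because that is the value sprintf() actually received. */
int overflows_old_buf(uint64_t part_entry_lba)
{
    unsigned int lba = truncated_lba(part_entry_lba);
    return decimal_len_with_nul(lba) > 10;
}

/* Post-fix shape: matching type, 21-byte buffer, bounded snprintf, PRIu64.
 * Copies the text into out; returns the character count (excluding NUL)
 * or -1 if either buffer would be too small. */
int format_lba(const struct gpt_header_stub *hdr, char *out, size_t out_len)
{
    uint64_t lba = hdr->part_entry_lba;  /* same width as the source field */
    char lba_buf[21];                     /* 20 decimal digits + NUL */
    int n = snprintf(lba_buf, sizeof(lba_buf), "%" PRIu64, lba);

    if (n < 0 || (size_t)n >= sizeof(lba_buf))
        return -1;                        /* cannot trigger for uint64_t; kept as a guard */
    if ((size_t)n >= out_len)
        return -1;                        /* caller's buffer too small */
    memcpy(out, lba_buf, (size_t)n + 1);
    return n;
}

/* Convenience check: does format_lba() render v exactly as expected? */
int format_lba_matches(uint64_t v, const char *expected)
{
    struct gpt_header_stub hdr = { .part_entry_lba = v };
    char out[32];
    int n = format_lba(&hdr, out, sizeof(out));
    return n >= 0 && strcmp(out, expected) == 0;
}

int main(void)
{
    printf("old layout overflows for 1000000000: %d\n", overflows_old_buf(1000000000ULL));
    printf("UINT64_MAX renders correctly: %d\n",
           format_lba_matches(UINT64_MAX, "18446744073709551615"));
    return 0;
}
```

The `snprintf(NULL, 0, ...)` idiom is the portable way to measure a formatted length without a destination buffer; it makes the size reasoning in the commit message (9 digits fit, 10 do not) checkable without ever reproducing the overrun.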
Igor Opaniuk
a3f6c1a569 Address more -Wsign-compare issues
Address more signedness/unsignedness issues, like:

../sahara.c: In function ‘sahara_debug64_one’:
../qdl.h:20:12: warning: comparison of integer expressions of different
   signedness: ‘long unsigned int’ and ‘int’ [-Wsign-compare]
   20 |         _x < _y ? _x : _y;      \
      |            ^
../sahara.c:286:26: note: in expansion of macro ‘MIN’
  286 |                 remain = MIN((uint64_t)(region.length - chunk), DEBUG_BLOCK_SIZE);
      |                          ^~~
../qdl.h:20:24: warning: operand of ‘?:’ changes signedness from ‘int’ to
  ‘long unsigned int’ due to unsignedness of other operand [-Wsign-compare]
   20 |         _x < _y ? _x : _y;      \

../gpt.c: In function ‘gpt_find_by_name’:
../gpt.c:255:65: warning: comparison of integer expressions of different
  signedness: ‘unsigned int’ and ‘int’ [-Wsign-compare]
  255 |                 if (*phys_partition >= 0 && gpt_part->partition != *phys_partition)

Now the tools build without any warnings when -Wsign-compare is enabled.

Signed-off-by: Igor Opaniuk <igor.opaniuk@oss.qualcomm.com>
2025-11-27 15:26:26 +01:00
Igor Opaniuk
95e2a0d3a3 Address warnings for integer expressions of different signedness
Address warnings for comparisons of integer expressions of different
signedness, for example:

../firehose.c:384:31: warning: comparison of integer expressions of
   different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
  384 |                 for (i = 0; i < ARRAY_SIZE(sector_sizes); i++) {

In all places where a signed value is cast to unsigned (size_t, for
instance), the possibility of a negative value is always explicitly
handled beforehand.

Signed-off-by: Igor Opaniuk <igor.opaniuk@oss.qualcomm.com>
2025-11-25 14:09:56 +01:00
Michael Scott
f3b4fd4fdc gpt: gpt_load_table_from_partition: fix off-by-one error for num_sectors
When using first_lba and last_lba information from the GPT entry to
calculate the number of sectors, we need to add 1 to the result.

Imagine if both values were 1.  This means there is 1 sector of data
and the first and last LBA values are same.  However, the current
calculation is: num_sectors = last_lba - first_lba.

In this case, it would return a value of 0 (always one sector fewer
than it should).

Tested on the CDT partition of RB3 Gen2:
In the rawprogram3.xml file it has num_partition_sectors="32"
(4096 byte sector size).  This should result in a binary size of
131072.

Pre-patch:
$ qdl --storage ufs prog_firehose_ddr.elf read 3/cdt cdt-bad.bin
waiting for programmer...
partition 6 has not GPT header
partition 7 has not GPT header
0 patches applied
read "cdt-bad.bin" successfully
$ ls -l cdt-bad.bin
-rw-r--r-- 1 user user 126976 Sep 16 21:02 cdt-bad.bin

Post-patch:
$ qdl --storage ufs prog_firehose_ddr.elf read 3/cdt cdt-good.bin
Waiting for EDL device
waiting for programmer...
partition 6 has not GPT header
partition 7 has not GPT header
0 patches applied
read "cdt-good.bin" successfully
$ ls -l cdt-good.bin
-rw-r--r-- 1 user user 131072 Sep 16 21:04 cdt-good.bin

Signed-off-by: Michael Scott <mike.scott@oss.qualcomm.com>
2025-09-17 19:56:07 -05:00
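The inclusive-range arithmetic from this commit, as an added example rather than qdl's own `gpt_load_table_from_partition()`. The `struct gpt_entry_stub` is an assumed stand-in holding only the two LBA fields; `old_num_sectors()` reproduces the pre-patch formula, `gpt_num_sectors()` the corrected one, and `gpt_partition_bytes()` adds the range and multiplication checks a caller would want before sizing a read:

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-in for the two GPT entry fields used in the calculation. */
struct gpt_entry_stub {
    uint64_t first_lba;
    uint64_t last_lba;
};

/* Pre-patch formula, kept only to show the off-by-one. */
uint64_t old_num_sectors(const struct gpt_entry_stub *e)
{
    return e->last_lba - e->first_lba;
}

/* Corrected count. first_lba and last_lba are both inclusive, so an entry
 * with first == last covers exactly one sector. Returns 0 for an invalid
 * entry (last < first, or a range so large that the +1 would wrap), which
 * callers must treat as an error since a valid entry is never empty. */
uint64_t gpt_num_sectors(const struct gpt_entry_stub *e)
{
    if (e->last_lba < e->first_lba)
        return 0;
    if (e->last_lba - e->first_lba == UINT64_MAX)
        return 0;                          /* +1 would overflow */
    return e->last_lba - e->first_lba + 1;
}

/* Byte size of the partition for a given sector size; 0 on an invalid
 * entry, a zero sector size, or multiplication overflow. */
uint64_t gpt_partition_bytes(const struct gpt_entry_stub *e, uint64_t sector_size)
{
    uint64_t n = gpt_num_sectors(e);
    if (n == 0 || sector_size == 0)
        return 0;
    if (n > UINT64_MAX / sector_size)
        return 0;                          /* n * sector_size would overflow */
    return n * sector_size;
}

int main(void)
{
    /* Constructed entry spanning 32 sectors, matching the CDT case above
     * (num_partition_sectors="32", 4096-byte sectors). */
    struct gpt_entry_stub cdt = { .first_lba = 100, .last_lba = 131 };
    printf("old:  %llu bytes\n", (unsigned long long)(old_num_sectors(&cdt) * 4096));
    printf("new:  %llu bytes\n", (unsigned long long)gpt_partition_bytes(&cdt, 4096));
    return 0;
}
```

With a 32-sector entry the old formula yields 31 sectors, i.e. 126976 bytes at 4096 bytes per sector, which is exactly the short `cdt-bad.bin` size shown in the pre-patch run; the corrected formula gives 131072.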
Bjorn Andersson
60db50966d qdl: Extend read/write support to accept GPT partition names
While already powerful, quite often one wants to read and write
some specific GPT partition, and manually resolving the sectors and
plugging these into either an XML file or the command line is tedious and
error-prone.

Allow partition names in the address specifier of the "read" and "write"
command line actions, and when these are used read the GPTs across all
physical partitions to resolve the physical partition, start sector and
sector count for the operation.

This allows us to do things like:

  qdl prog_firehose.elf write abl_a abl2esp.elf write abl_b abl2esp.elf

Signed-off-by: Bjorn Andersson <bjorn.andersson@oss.qualcomm.com>
2025-09-09 16:18:12 -05:00