u-boot.git/lib/gunzip.c, branch v2016.03 Unnamed repository; edit this file 'description' to name the repository. gunzip: remove avail_in recalculation 2016-02-09T22:41:19+00:00 Stephen Warren swarren@nvidia.com 2016-01-29T20:26:58+00:00 1934665742e38c8ced9342a9c3005a3eab0b1a7c Current, the following passes: ./u-boot -d arch/sandbox/dts/test.dtb -c 'ut_image_decomp' but the following fails: ./u-boot -d arch/sandbox/dts/test.dtb -c 'ut dm; ut_image_decomp' This is because the gunzip code reads input data beyond the end of its input buffer. In the first case above, this data just happens to be 0, which just happens to trigger gzip to signal the error the decompression unit test expects. In the second case above, the "ut dm" test has written data to the accidentally-read memory, which causes the gzip code to take a different path and so return a different value, which triggers the test failure. The cause of gunzip reading past its input buffer is the re-calculation of s.avail_in in zunzip(), since it can underflow. Not only is the formula non-sensical (it uses the delta between two output buffer pointers to calculate available input buffer size), it also appears to be unnecessary, since the gunzip code already maintains this value itself. This patch removes this re-calculation to avoid the underflow and redundant work. The loop exit condition is also adjusted so that if inflate() has consumed the entire input buffer, without indicating returning Z_STREAM_END (i.e. decompression complete without error), an error is raised. There is still opportunity to simplify the code here by splitting up the loop exit condition into separate tests. However, this patch makes the minimum modifications required to solve the problem at hand, in order to keep the Acked-by: Kees Cook <keescook@chromium.org> diff simple. I am not entirely convinced that the loop in zunzip() is necessary at all. It could only be useful if inflate() can return Z_BUF_ERROR (which typically means that it needs more data in the input buffer, or more space in the output buffer), even though Z_FINISH is set /and/ the full input is available in the input buffer /and/ there is enough space to store the decompressed output in the output buffer. The comment in zlib.h after the prototype of inflate() implies this is never the case. However, I assume there must have been some reason for introducing this loop in the first place, as part of commit "Fix gunzip to work for any gziped uImage size". This patch is similar to the earlier b75650d84d4b "gzip: correctly bounds-check output buffer", which corrected a similar issue for s.avail_out. Cc: Catalin Radu <Catalin@VirtualMetrix.com> Cc: Kees Cook <keescook@chromium.org> Fixes: f039ada5c109 ("Fix gunzip to work for any gziped uImage size") Signed-off-by: Stephen Warren <swarren@nvidia.com> 
Current, the following passes:
    ./u-boot -d arch/sandbox/dts/test.dtb -c 'ut_image_decomp'
but the following fails:
    ./u-boot -d arch/sandbox/dts/test.dtb -c 'ut dm; ut_image_decomp'

This is because the gunzip code reads input data beyond the end of its
input buffer. In the first case above, this data just happens to be 0,
which just happens to trigger gzip to signal the error the decompression
unit test expects. In the second case above, the "ut dm" test has written
data to the accidentally-read memory, which causes the gzip code to take a
different path and so return a different value, which triggers the test
failure.

The cause of gunzip reading past its input buffer is the re-calculation of
s.avail_in in zunzip(), since it can underflow. Not only is the formula
non-sensical (it uses the delta between two output buffer pointers to
calculate available input buffer size), it also appears to be unnecessary,
since the gunzip code already maintains this value itself. This patch
removes this re-calculation to avoid the underflow and redundant work.

The loop exit condition is also adjusted so that if inflate() has consumed
the entire input buffer, without indicating returning Z_STREAM_END (i.e.
decompression complete without error), an error is raised. There is still
opportunity to simplify the code here by splitting up the loop exit
condition into separate tests. However, this patch makes the minimum
modifications required to solve the problem at hand, in order to keep the
Acked-by: Kees Cook <keescook@chromium.org>

diff simple.

I am not entirely convinced that the loop in zunzip() is necessary at all.
It could only be useful if inflate() can return Z_BUF_ERROR (which
typically means that it needs more data in the input buffer, or more space
in the output buffer), even though Z_FINISH is set /and/ the full input is
available in the input buffer /and/ there is enough space to store the
decompressed output in the output buffer. The comment in zlib.h after the
prototype of inflate() implies this is never the case. However, I assume
there must have been some reason for introducing this loop in the first
place, as part of commit "Fix gunzip to work for any gziped uImage size".

This patch is similar to the earlier b75650d84d4b "gzip: correctly
bounds-check output buffer", which corrected a similar issue for
s.avail_out.

Cc: Catalin Radu <Catalin@VirtualMetrix.com>
Cc: Kees Cook <keescook@chromium.org>
Fixes: f039ada5c109 ("Fix gunzip to work for any gziped uImage size")
Signed-off-by: Stephen Warren <swarren@nvidia.com>
gunzip.c: Only include gzwrite on CONFIG_CMD_UNZIP 2016-01-19T13:31:17+00:00 Tom Rini trini@konsulko.com 2016-01-14T18:02:05+00:00 1811b7d38cf6e6caacc083044bc8f0f8015b5627 Only when we have CONFIG_CMD_UNZIP enabled do we have the 'gzwrite' command. While this command should be separated from CONFIG_CMD_UNZIP we should also only include the write portion of the gz code in that case as well. Signed-off-by: Tom Rini <trini@konsulko.com> 
Only when we have CONFIG_CMD_UNZIP enabled do we have the 'gzwrite'
command.  While this command should be separated from CONFIG_CMD_UNZIP
we should also only include the write portion of the gz code in that
case as well.

Signed-off-by: Tom Rini <trini@konsulko.com>
block: pass block dev not num to read/write/erase() 2016-01-14T02:05:18+00:00 Stephen Warren swarren@nvidia.com 2015-12-07T18:38:48+00:00 7c4213f6a52f35ff6ba2d97aa4eb04cbfc963b86 This will allow the implementation to make use of data in the block_dev structure beyond the base device number. This will be useful so that eMMC block devices can encompass the HW partition ID rather than treating this out-of-band. Equally, the existence of the priv field is crying out for this patch to exist. Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Tom Rini <trini@konsulko.com> 
This will allow the implementation to make use of data in the block_dev
structure beyond the base device number. This will be useful so that eMMC
block devices can encompass the HW partition ID rather than treating this
out-of-band. Equally, the existence of the priv field is crying out for
this patch to exist.

Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Move console definitions into a new console.h file 2015-11-20T03:27:50+00:00 Simon Glass sjg@chromium.org 2015-11-09T06:47:45+00:00 24b852a7a2b8eca71789100983bdb5104cc00696 The console includes a global variable and several functions that are only used by a small subset of U-Boot files. Before adding more functions, move the definitions into their own header file. Signed-off-by: Simon Glass <sjg@chromium.org> 
The console includes a global variable and several functions that are only
used by a small subset of U-Boot files. Before adding more functions, move
the definitions into their own header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
gunzip: add gzwrite routine for extracting compresed images to block device 2015-04-22T16:14:55+00:00 Eric Nelson eric.nelson@boundarydevices.com 2015-02-17T18:30:30+00:00 918e9ebb45a12342c3d65df12ccc78431d6d0b72 Initial filesystem images are generally highly compressible. Add a routine gzwrite that allows gzip-compressed images to be written to block devices. Signed-off-by: Eric Nelson <eric.nelson@boundarydevices.com> Reviewed-by: Tom Rini <trini@ti.com> 
Initial filesystem images are generally highly compressible.

Add a routine gzwrite that allows gzip-compressed images to be
written to block devices.

Signed-off-by: Eric Nelson <eric.nelson@boundarydevices.com>
Reviewed-by: Tom Rini <trini@ti.com>
gunzip: Update lenp even on error 2015-01-14T16:35:44+00:00 Simon Glass sjg@chromium.org 2014-12-02T20:17:39+00:00 9c55c54fb474ba5bc005e489639aa06c3c00d012 This allows the caller to easily detect how much of the destination buffer has been used. Signed-off-by: Simon Glass <sjg@chromium.org> 
This allows the caller to easily detect how much of the destination buffer
has been used.

Signed-off-by: Simon Glass <sjg@chromium.org>
gzip: correctly bounds-check output buffer 2013-09-03T19:30:14+00:00 Kees Cook keescook@chromium.org 2013-08-16T14:59:13+00:00 b75650d84d4b7892179ae183523011f6d898423d The output buffer size must not be reset by the gzip decoder or there is a risk of overflowing memory during decompression. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> 
The output buffer size must not be reset by the gzip decoder or there
is a risk of overflowing memory during decompression.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24T13:44:38+00:00 Wolfgang Denk wd@denx.de 2013-07-08T07:37:19+00:00 1a4596601fd395f3afb8f82f3f840c5e00bdd57a Signed-off-by: Wolfgang Denk <wd@denx.de> [trini: Fixup common/cmd_io.c] Signed-off-by: Tom Rini <trini@ti.com> 
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
gunzip: rename z{alloc, free} to gz{alloc, free} 2012-04-30T14:54:51+00:00 Mike Frysinger vapier@gentoo.org 2012-04-09T13:39:53+00:00 e3ed0575a7ce68c1c533978fc171c7611598dc4e This allows us to add a proper zalloc() func (one that does a zeroing alloc), and removes duplicate prototypes. Signed-off-by: Mike Frysinger <vapier@gentoo.org> 
This allows us to add a proper zalloc() func (one that does a zeroing
alloc), and removes duplicate prototypes.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Fix gunzip to work for any gziped uImage size 2011-04-12T20:58:30+00:00 Catalin Radu Catalin@VirtualMetrix.com 2011-02-04T12:35:47+00:00 f039ada5c10925147eb5bb15f63c430dbde76c3f Signed-off-by: Catalin Radu <Catalin@VirtualMetrix.com> 
Signed-off-by: Catalin Radu <Catalin@VirtualMetrix.com>