| Age | Commit message (Collapse) | Author |
|---|
|
Report of the static analyzer:
The value of an arithmetic expression 'datsize + oobsize' is a subject to overflow because its operands are not cast to a larger data type before performing arithmetic.
Corrections explained:
- Added a check to validate datsize and oobsize to ensure they are non-negative and within a safe range.
- Cast datsize and oobsize to long before performing arithmetic to prevent potential integer overflow.
This change ensures safe computation of offsets and prevents undefined behavior caused by overflow.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
On error, lseek returns a negative value. We need to check for that
and abort, instead of passing -1 to malloc and later on to read_nocheck.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This patch eliminates warnings generated by the -Wmissing-prototypes
option. With this flag set, we are now forced to have prototypes for
all global, exported functions, that have to be made visible to the
definitions and we are forced to mark all local functions as static.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The tools in question will quit with an exit code 0 if the command
line option was not recognized. By returning an error code a calling
script has the possibility to distinguish between a real success and
an invalid invocation.
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Make the usage of exit consist. That is use the pre defined exit
values.
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Several tools are simply not checking return code of functions marked
with 'warn_unused_result'.
Provide wrappers for the read/write functions to avoid patching old
code and providing proper error handling.
Fix the remaining ones (calls to fgets() and system()).
Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
|
|
When a program does sophisticated enough command line processing
(i.e. getopt), make sure it responds to -V and --version.
When a program prints a version string, make sure it uses the
common_print_version macro to print out its name, that it is part
of mtd-utils and the mtd-utils version from the build system in a
fashion similar to common program packages like the GNU coreutils.
When a program responds to -V/--version or -h/--help, make sure it
reports success exit status.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
* There is no code modification in this commit, only moving
* the files to proper place.
The user tools looks a little messy as we place almost
the all tools in the root directory of mtd-utils. To make
it more clear, I propose to introduce the following structure
for our source code.
mtd-utils/
|-- lib
|-- include
|-- misc-utils
|-- jffsX-utils
|-- nand-utils
|-- nor-utils
|-- ubi-utils
|-- ubifs-utils
`-- tests
Signed-off-by: Dongsheng Yang <yangds.fnst@cn.fujitsu.com>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
|
