Age | Commit message (Collapse) | Author |
|
Report of the static analyzer:
The value of an arithmetic expression 'bit_to_flip->block * mtd.eb_size + blkoffs' is a subject to overflow because its operands are not cast to a larger data type before performing arith$
Corrections explained:
Prevent arithmetic overflow in OOB read operation
Resolved an issue where the calculation of the offset in the OOB read operation could overflow due to operands not being cast to a larger data type. Specifically, the multiplication of bi$
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In order to trigger a continuous read, the user needs to request more
than one data page. So far the tool would split the length into page
chunks. This is no longer the case when the -C option is passed (-c is
already used for the canonical output style).
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Using bs when skipping the bad sector is abusive as what we want is
using the size of a block and the size of a page. The fact that bs
currently is the size of a page is misleading here, has I intend to make
this amount grow.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The read buffer size happen to be as big as the bs variable, but this is
going to change. When accessing the buffer size, use a specific variable
instead.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In nandflipbits, nandtest and ubiscan, uint64_t integers are printed
to stdout using "%llu" as a format specifier, but on platforms like
x86_64, uint64_t is actually typedef'd as `unsigned long` only.
For compatibillity across platforms, simply use the C99 printfs
macros instead.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Running nandtest on devices with sizes of 4Gb or more does not work, as
the size returned in mtd_info_user is reported as 0 for 4Gb devices for
example.
The patch uses sysfs to figure out the size of the nand device (as
recommended in a comment in include/mtd/mtd-abi.h) and changes sizes
and offsets to 64 bit values.
[From: Christian Wendt <cw@brainaid.de>]
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
If a bit is flipped in block 1 or higher, the OOB is corrupted with the
OOB of block 0. Mtd_read_oob API has to take into account the block number
to be able to calculate the right offset.
Fixes: 9fc8db29cf62 ("mtd-utils: Add nandflipbits tool")
Signed-off-by: Christophe Kerello <christophe.kerello@foss.st.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
When writing a full 4GiB NAND to a file end_addr becomes 0x100000000.
With that writing out the first page to the file doesn't happen
because size_left is calculated to 0x100000000 - 0 = 0x100000000
which is then truncated to 32bit and becomes zero. Fix this by
using an appropriate 64bit type for size_left.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Such blocks may be incorrectly treated as empty (even though they may
have non-erase OOB). Warn about it so people may start useing
--skip-all-ffs .
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
- Remove "install tests" configure option, we already have an option
whether to build tests or not. Don't try to work around autotools
semantics that people building the package expect.
- Fix the installation path by propperly defining it and using the
correct name for the libexec path.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Throughout the Automake files, there is a consistent pattern somewhat
like this:
FOO_BINS = ....
sbin_PROGRAMS += $(FOO_BINS)
This commit all such patterns whenever the variable is not used anywhere
else and appends to the target directly.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This commit removes the C header files from the EXTRA_DIST variables
and instead assigns them to the SOURCE variable of the respective
components they belong to.
This takes care of having them distributed in the release tar ball and
helps with dependency tracking a little.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The nandflipbits tool is intended to be used when one need to flip one or
several specific bits on a NAND media.
It can be useful to manually recover from an unexpected bit flip on a flash
device, though the main purpose of this tool is to provide a way to test
ECC algorithms robustness.
One typical example I used this tool for is testing HW ECC engines behavior
when bitflips occur in an erased page: most HW engines do not correctly
handle this case, because, most of the time, ECC bits generated for an
empty page are not all 1s, and, empty page detection embedded in such
engines is only validating that all bits are set to 1s (which is not true
when a bit-flip has occurred).
Another use of this tool is replacing nandbiterrs test which
absolutely do not work with MLC-like chips because of the rewriting of
the pages in raw mode to toggle ones into zeroes.
Signed-off-by: Boris Brezillon <boris.brezillon@collabora.com>
[miquel: Took Boris' work from 2014, addressed comments from Brian made
in 2015, updated it, tested more extensively and fixed issues]
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Some temporary buffers are allocated with "sizeof(pointer) * count" as
size argument, which cannot possibly be correct.
Assuming what was meant was "sizeof(pointer[0]) * count" makes sense
in the context of how the buffers are used, but is actually pretty
pointless, since the buffers are unsigend char.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Many tools open a file descriptor, close it a the end and have some
form of error path in between that jumps to the end.
In some cases, if opening the file fails the error path is taken and
the utility ends up closing one or more invalid file descriptors. It's
technically not a real issue but something that pretty much any static
analysis tool barks at.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
For some command line flags, the argument string is copied. Simply
writing over the buffer leads to a resource leak if the same flag
is specified on the command line more than once.
This patch adds a free() call to the old buffer before overwriting
it with the new copy.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Now that C++17 introduced a special fallthrough keyword for
explicitly tagging switch cases that are supposed to fall
through, newer gcc versions also implement a feature request
from 2002 to warn about maybe unwanted fall-throughs in switch
cases in other languages (like C).
For C code, we can either add a gcc specific attribute at the
end of the switch case, or use a special comment that gcc checks
for, indicating that the fall-through behaviour is indeed
intended.
This patch adds a "/* fall-through */" comment at the end of
various case blocks to silence gcc warnings and in some cases
a break, where fall-through was probably not intended.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
A common pattern in command line processing is having a usage()
function that prints out how to use the command line options and
then terminates.
The function is typically used inside a switch block for command
line options like `-h' or unknown options. In a lot of places, the
break keyword is omitted, because the function exits anyway. However,
this triggers gcc warnings about implicit fall-through.
Rather than adding a phony "/* fall-through */" this patch flags the
usage() style function with a gcc attribute, indicating that they do
not return and removes further superfluous break statements.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This patch eliminates warnings generated by the -Wmissing-prototypes
option. With this flag set, we are now forced to have prototypes for
all global, exported functions, that have to be made visible to the
definitions and we are forced to mark all local functions as static.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Make the usage of exit consist. That is use the pre defined exit
values.
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The --skip-bad-blocks-to-start option will increase the start address by
the size of each bad block encountered between the start of the partition
and the specified start address.
This can be useful if other readers of the partition will be reading using
a simple bad-block-skipping algorithm.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The --skip-bad-blocks-to-start option will increase the seek offset by the
size of each bad block encountered between the start of the partition and
the specified start address.
This can be useful when writing part way through a partition that will be
read using a simple bad-block-skipping algorithm.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
JFFS2 supports clustering erase blocks to virtual erase blocks.
nandwrite supports this, but previously mixed up virtual and
physical erase block numbers when checking for bad blocks.
This patch adds a function for checking if a virtual erase block
is bad and replaces the broken mtd_is_bad loop.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This patch makes sure that a virtual erase block is always
composed of a postivie number of erase blocks (i.e. 1 or more)
and enforces the block alignment to be a power of two as
suggested by the help text and assumed throughout the program.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Pull the buffer content checking code into separate function and
simplify the code invoking it slightly.
Signed-off-by: Marek Vasut <marex@denx.de>
Reviewed-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Several tools are simply not checking return code of functions marked
with 'warn_unused_result'.
Provide wrappers for the read/write functions to avoid patching old
code and providing proper error handling.
Fix the remaining ones (calls to fgets() and system()).
Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
|
|
Signed-off-by: Kees Trommel <ctrommel@linvm302.aimsys.nl>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
When a program does sophisticated enough command line processing
(i.e. getopt), make sure it responds to -V and --version.
When a program prints a version string, make sure it uses the
common_print_version macro to print out its name, that it is part
of mtd-utils and the mtd-utils version from the build system in a
fashion similar to common program packages like the GNU coreutils.
When a program responds to -V/--version or -h/--help, make sure it
reports success exit status.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Add automake files for the test binaries. If configured to do so,
install the test binaries to libexec/mtd-utils and use autoconf to
fix the paths in the test scripts.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
This patch is largely based on Richards original RFC.
The major differences to the RFC patch are:
- Add missing sumtools & mtdpart targets
- Fix name of mkfs.jffs2 target
- Add missing subdir-objects option for non-recursive make
- Move all automake options to configure.ac
- Add manpages to install target
- Make XATTR & LZO support configurable
- Install binaries to sbin directory like in the old build system
- Install flash_erase wrapper script
- Add files missing from distribution target
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Errors may happen, it's e.g. easy on embedded devices to run out of space
when dumping big partitions. This patch adds a helper function for
writing. It deals with partial writes and just returns 0 on success or
error number.
The old code didn't check for errors at all which could result in
incomplete dumps without exiting with an error.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
nanddump was always writing a whole page of data into the output
discarding the length actually requested. This patch allows to
write only the remaining length if oob is omitted. In case oob
is needed, it makes sense to copy the entire page.
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
* There is no code modification in this commit, only moving
* the files to proper place.
The user tools looks a little messy as we place almost
the all tools in the root directory of mtd-utils. To make
it more clear, I propose to introduce the following structure
for our source code.
mtd-utils/
|-- lib
|-- include
|-- misc-utils
|-- jffsX-utils
|-- nand-utils
|-- nor-utils
|-- ubi-utils
|-- ubifs-utils
`-- tests
Signed-off-by: Dongsheng Yang <yangds.fnst@cn.fujitsu.com>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
|