[U-Boot] [PATCH 3/4] usb: ums: fix bug in partition capacity computation.
Marek Vasut
marex at denx.de
Thu Oct 17 19:41:20 CEST 2013
Dear Przemyslaw Marczak,
> Before this change ums disk capacity was miscalculated because
> of integer overflow.
>
> Signed-off-by: Przemyslaw Marczak <p.marczak at samsung.com>
> Cc: Marek Vasut <marex at denx.de>
> ---
> board/samsung/common/ums.c | 16 ++++++++++++----
> 1 file changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/board/samsung/common/ums.c b/board/samsung/common/ums.c
> index 1f28590..6c4e6c4 100644
> --- a/board/samsung/common/ums.c
> +++ b/board/samsung/common/ums.c
> @@ -37,11 +37,19 @@ static int ums_write_sector(struct ums *ums_dev,
>
> static void ums_get_capacity(struct ums *ums_dev, long long int *capacity)
> {
> - long long int tmp_capacity;
> + int64_t mmc_capacity = (int64_t)ums_dev->mmc->capacity;
Why are these casts here?
> + int64_t ums_capacity = (int64_t)ums_dev->part_size * SECTOR_SIZE;
> + int64_t ums_offset = (int64_t)ums_dev->offset * SECTOR_SIZE;
And here all around? And why are these values signed, can there ever be negative
value in them?
> - tmp_capacity = (long long int)((ums_dev->offset + ums_dev->part_size)
> - * SECTOR_SIZE);
> - *capacity = ums_dev->mmc->capacity - tmp_capacity;
> + if (ums_capacity && ((ums_capacity + ums_offset) < mmc_capacity))
> + *capacity = ums_capacity;
> + else
> + *capacity = mmc_capacity - ums_offset;
Urgh, what exactly does this code achieve again?
> + printf("UMS: partition capacity: %#llx blocks\n"
> + "UMS: partition start block: %#x\n",
> + *capacity / SECTOR_SIZE,
> + ums_dev->offset);
> }
>
> static struct ums ums_dev = {
Best regards,
Marek Vasut
More information about the U-Boot
mailing list