Merge patches of tizen_4.0

- Fix percent issue on multiple reboot
- Limit Free size calculation to 4GB, if freesize is greater than 4GB return 4GB else max available size
- Increase supported file size (for extraction) from 256 MB to 2 GB
- Print actual and expected SHA value during verification failure of source file or image
- Fix vulnerabilities

Change-Id: Ia7f47a51f0ce431347c58b5d6a71185c5c776f3e
Signed-off-by: shirsh-kumar <shirsh.kumar@samsung.com>
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>

diff --git a/packaging/libtota.spec b/packaging/libtota.spec
index 6a95b821eedc1349545f8800c82d29823155bc65..7699ea2e58b4cf0203d4322d86d068f1307a7c2e 100755 (executable)
--- a/packaging/libtota.spec
+++ b/packaging/libtota.spec
@@ -1,6 +1,6 @@
 Name:          libtota
 Summary:       fota update library
-Version:       1.2.4
+Version:       1.2.5
 Release:       0
 Group:         System
 License:       Apache-2.0 and BSD-2-Clause and BSD-3-Clause and PD

diff --git a/ss_engine/SS_Common.h b/ss_engine/SS_Common.h
index 453b61b8ed6cb8de9ce9189d721e8ba225a228fd..7fb53118daed651f9584279755375b1602240aaa 100755 (executable)
--- a/ss_engine/SS_Common.h
+++ b/ss_engine/SS_Common.h
@@ -42,6 +42,7 @@
 #define DP_HEADER_SIZE         36
 #define DP_START_OFFSET                0
 #define  BACKUPBUFFER_NUM      4
+#define SIZE_4GB (0Xffffffff)
 
 /*******[ Multiprocess API sample implementation ]******/
 #define _NOEXEC_

diff --git a/ss_engine/SS_FSUpdate.c b/ss_engine/SS_FSUpdate.c
index eb515851ad4bc4c1bfd20ae2026307dffd78139f..1a5311f72ffefc22ccc729214c21eb2326a683e1 100755 (executable)
--- a/ss_engine/SS_FSUpdate.c
+++ b/ss_engine/SS_FSUpdate.c
@@ -1157,7 +1157,7 @@ SS_GetAvailableFreeSpace(const char *partition_name,
                return -1;
        }
 
-       *available_flash_size = vfs.f_bsize * vfs.f_bavail;
+       *available_flash_size = ((long long)vfs.f_bsize * (long long)vfs.f_bavail >= (long long)SIZE_4GB) ? SIZE_4GB : vfs.f_bsize * vfs.f_bavail;
        if (*available_flash_size == 0) {
                *available_flash_size = 0x80000; //Same as Legecy RB
                LOGE("available_flash_size=%u(vfs.f_bsize=%d vfs.f_bavail=%d\n",

diff --git a/ss_engine/SS_PatchDelta.c b/ss_engine/SS_PatchDelta.c
index c2dcf3305c4761ef0606c5d42dd8b485ca59113e..b127ca82e70718e4cf31950f9a24aecb208b3880 100755 (executable)
--- a/ss_engine/SS_PatchDelta.c
+++ b/ss_engine/SS_PatchDelta.c
@@ -265,24 +265,19 @@ int SS_UpdateDeltaFS(const char *source_filename, const char *target_filename,
                        return E_SS_FAILURE;
                }
                if (SS_LoadFile(source_filename, &source_file) == 0) {
+                       SS_Free(source_file.data);
+
                        if (memcmp(source_file.sha1, source_sha1, SHA_DIGEST_SIZE) == 0) {
                                LOGL(LOG_SSENGINE, "Patch Can be applied\n");
-                               if (source_file.data)
-                                       SS_Free(source_file.data);
                        } else if (memcmp(source_file.sha1, target_sha1, SHA_DIGEST_SIZE) == 0) {
                                LOGL(LOG_SSENGINE, "Patch Already applied\n");
-                               if (source_file.data)
-                                       SS_Free(source_file.data);
                                return S_SS_SUCCESS;
                        } else {
                                //Check for backup file SHA
-                               SS_Free(source_file.data);
-                               source_file.data = NULL;
                                LOGL(LOG_SSENGINE, "Source was currupted, Try loading from backup source\n");
 
                                if (SS_LoadFile(target_filename, &target_file) == 0) {
-                                       if (target_file.data)
-                                               SS_Free(target_file.data);
+                                       SS_Free(target_file.data);
 
                                        if (memcmp(target_file.sha1, target_sha1, SHA_DIGEST_SIZE) == 0) {
                                                LOGL(LOG_SSENGINE, "Patch Already applied\n");
@@ -291,35 +286,30 @@ int SS_UpdateDeltaFS(const char *source_filename, const char *target_filename,
                                }
 
                                if (SS_LoadFile(SS_BACKUP_SOURCE, &source_file) == 0) {
+                                       SS_Free(source_file.data);
+
                                        if (memcmp(source_file.sha1, source_sha1, SHA_DIGEST_SIZE) == 0) {
                                                if (SS_CopyFile(SS_BACKUP_SOURCE, source_filename) != S_SS_SUCCESS) {
                                                        strerror_r(errno, buf, sizeof(buf));
                                                        LOGE("copy of backup to \"%s\" failed: %s\n", source_filename, buf);
                                                        SS_SetUpgradeState(E_SS_FSUPDATEFAILED);
-                                                       if (source_file.data)
-                                                               SS_Free(source_file.data);
                                                        return E_SS_FAILURE;
                                                }
                                                LOGL(LOG_SSENGINE,
                                                         "Patch Can be applied from using backup file as source\n");
                                        } else {
                                                SS_SetUpgradeState(E_SS_FSSRCCURRUPTED);
-                                               if (source_file.data)
-                                                       SS_Free(source_file.data);
                                                return E_SS_FAILURE;
                                        }
                                } else {
                                        SS_SetUpgradeState(E_SS_FSSRCCURRUPTED);
-                                       if (source_file.data)
-                                               SS_Free(source_file.data);
                                        return E_SS_FAILURE;
                                }
                        }
                } else {
                        LOGL(LOG_SSENGINE, "Source was deleted!!\n");
                        if (SS_LoadFile(target_filename, &target_file) == 0) {
-                               if (target_file.data)
-                                       SS_Free(target_file.data);
+                               SS_Free(target_file.data);
 
                                if (memcmp(target_file.sha1, target_sha1, SHA_DIGEST_SIZE) == 0) {
                                        LOGL(LOG_SSENGINE, "Patch Already applied\n");
@@ -329,22 +319,18 @@ int SS_UpdateDeltaFS(const char *source_filename, const char *target_filename,
 
                        LOGL(LOG_SSENGINE, "Try loading from backup source\n");
                        if (SS_LoadFile(SS_BACKUP_SOURCE, &source_file) == 0) {
+                               SS_Free(source_file.data);
+
                                if (memcmp(source_file.sha1, source_sha1, SHA_DIGEST_SIZE) == 0) {
                                        use_backup = 1;
                                        LOGL(LOG_SSENGINE, "Patch Can be applied from using backup file as source\n");
-                                       if (source_file.data)
-                                               SS_Free(source_file.data);
                                } else {
                                        SS_SetUpgradeState(E_SS_FSSRCCURRUPTED);
-                                       if (source_file.data)
-                                               SS_Free(source_file.data);
                                        return E_SS_FAILURE;
                                }
                        } else {
                                LOGE(" SS_LoadFile from backup source failed!!\n");
                                SS_SetUpgradeState(E_SS_FSSRCCURRUPTED);
-                               if (source_file.data)
-                                       SS_Free(source_file.data);
                                return E_SS_FAILURE;
                        }
                }

diff --git a/ss_engine/SS_UPI.c b/ss_engine/SS_UPI.c
index 72d15b4772222fb9a5cdd9890363de8d93941466..835600400361531bc929c5fc346e58ab106fd74e 100755 (executable)
--- a/ss_engine/SS_UPI.c
+++ b/ss_engine/SS_UPI.c
@@ -566,7 +566,8 @@ int SS_FSVerifyNode(const char *path, const char *patchname, const char *sha1src
                        if (SS_LoadFile(path, &source_file) == 0) {
                                if (memcmp(source_file.sha1, source_sha1, SHA_DIGEST_SIZE) != 0) {
                                        SS_Free(source_file.data);
-                                       LOGE("SS_FSVerifyNode - SHA mismatch with SRC  - PATH [%s]\n", path);
+                                       LOGE("SS_FSVerifyNode - SHA mismatch with SRC  - PATH [%s] Expected [%x] Actual [%x]\n",
+                                               path, source_sha1, source_file.sha1);
                                        SS_SetUpgradeState(E_SS_FSSRCCURRUPTED);        // Define other error
                                        return E_SS_FAILURE;
                                }
@@ -1054,7 +1055,9 @@ SYM:NEW:system/lib/firmware/vbc_eq:/opt/system/vbc_eq
                                                                  ua_dataSS->update_delta->ua_patch_path);
                                if (retval == E_SS_FAILURE)      // ONLY test purpose, should enable this
                                        goto CleanUp;
+               if (ua_dataSS->ua_operation == UI_OP_SCOUT) {
                                SS_UpdateUIProgress(ua_dataSS, ulPatchCount, 0);
+               }
                        } else if (change_type && strcmp(change_type, SS_STRING_DIFF) == 0) {     // && strcmp(file_type,"TPK") == 0){
                                source_name = strtok_r(NULL, SS_TOEKN_COLON, &saveptr);
                                target_name = strtok_r(NULL, SS_TOEKN_COLON, &saveptr);
@@ -1075,7 +1078,9 @@ SYM:NEW:system/lib/firmware/vbc_eq:/opt/system/vbc_eq
                                        LOGE("File Name length Limitation Error File:[%s]\n", patch_name);
                                        goto CleanUp;
                                }
+               if (ua_dataSS->ua_operation == UI_OP_SCOUT) {
                                SS_UpdateUIProgress(ua_dataSS, ulPatchCount, 0);
+               }
                        } else {
                                SS_SetUpgradeState(E_SS_FSFAILEDTOPARSEDELTAINFO);
                                LOGE("Patch Name format Error File\n");
@@ -1133,7 +1138,9 @@ SYM:NEW:system/lib/firmware/vbc_eq:/opt/system/vbc_eq
                                                          ua_dataSS->update_delta->ua_patch_path);
                        if (retval == E_SS_FAILURE) // ONLY test purpose, should enable this
                                goto CleanUp;
+           if (ua_dataSS->ua_operation == UI_OP_SCOUT) {
                        SS_UpdateUIProgress(ua_dataSS, ulPatchCount, 0);
+           }
 
                }
        }                                                  //For symlink files
@@ -1169,7 +1176,9 @@ SYM:NEW:system/lib/firmware/vbc_eq:/opt/system/vbc_eq
                                                                  ua_dataSS->update_delta->ua_patch_path);
                                if (retval == E_SS_FAILURE)      // ONLY test purpose, should enable this
                                        goto CleanUp;
+               if (ua_dataSS->ua_operation == UI_OP_SCOUT) {
                                SS_UpdateUIProgress(ua_dataSS, ulPatchCount, 0);
+               }
                        }
                }
        }
@@ -1203,7 +1212,9 @@ SYM:NEW:system/lib/firmware/vbc_eq:/opt/system/vbc_eq
                                                                  ua_dataSS->update_delta->ua_patch_path);
                                if (retval == E_SS_FAILURE)      // ONLY test purpose, should enable this
                                        goto CleanUp;
+               if (ua_dataSS->ua_operation == UI_OP_SCOUT) {
                                SS_UpdateUIProgress(ua_dataSS, ulPatchCount, 0);
+               }
                        }
                }
        }
@@ -1221,7 +1232,9 @@ SYM:NEW:system/lib/firmware/vbc_eq:/opt/system/vbc_eq
        fs_head_node->sym_newref = fs_symlinknewhead;
        fs_head_node->ulPatchCount = ulPatchCount;
 
+       if (ua_dataSS->ua_operation == UI_OP_SCOUT) {
        SS_UpdateUIProgress(ua_dataSS, ulPatchCount, 1);
+       }
 
  CleanUp:
        fclose(fp);
@@ -2029,11 +2042,11 @@ size_t SS_FSAvailiableFreeSpace(char *block_name)
        while (NULL != (ent = getmntent(aFile))) {
                if (strcmp(ent->mnt_fsname, block_name) == 0) {
                        if (statfs(ent->mnt_dir, &sb) == 0)
-                               LOGL(LOG_SSENGINE, "Total free space = %d, blocks free = %d\n", sb.f_bsize * sb.f_bavail, sb.f_bfree);
+                               LOGL(LOG_SSENGINE, "Total free space = %ld, blocks free = %ld\n", sb.f_bsize * sb.f_bavail, sb.f_bfree);
                }
        }
        endmntent(aFile);
-       return sb.f_bsize * sb.f_bavail;
+       return ((long long)sb.f_bsize * (long long)sb.f_bavail >= (long long)SIZE_4GB) ? SIZE_4GB : sb.f_bsize * sb.f_bavail ;
 }
 
 int SS_FSVerifyPartition(ua_dataSS_t * ua_dataSS, int part_idx)
@@ -2249,6 +2262,8 @@ int SS_IMGVerfiyPartition(ua_dataSS_t * ua_dataSS)
                        LOGL(LOG_SSENGINE, "SS_IMGVerfiyPartition - SHA matches with source [%s] \n",
                                 ua_dataSS->parti_info->ua_blk_name);
                } else {                          // Need not compare with Target sha as once upgraded, it should NOT verify same partition again.
+                       LOGE("SS_IMGVerfiyPartition - SHA mismatch with SRC [%s] Expected [%x] Actual [%x]\n",
+                               ua_dataSS->parti_info->ua_blk_name, source_sha1, source_file.sha1);
                        SS_SetUpgradeState(E_SS_IMGSRCCURRUPTED);
                        ulResult = E_SS_FAILURE;
                }

diff --git a/ss_engine/fota_tar.c b/ss_engine/fota_tar.c
index faf9f042e09a876eae74ac3f19de4c8df1ba6d94..3d073d2eecbcb7a19e5ecaa7ca6b4f68f896b7a0 100755 (executable)
--- a/ss_engine/fota_tar.c
+++ b/ss_engine/fota_tar.c
@@ -55,7 +55,7 @@ struct posix_header {            /* byte offset */
 };
 #endif
 
-#define        MAX_ITEM_SIZE                           0x0FFFFFFF
+#define        MAX_ITEM_SIZE                           0x7FFFFFFF
 #define        TAR_ITEM_SIZE_POSITION  124
 #define        TAR_SIZE_OF_ITEM_SIZE           8
 #define        TAR_SIZE_OF_HEADER              12
@@ -196,7 +196,7 @@ int tar_get_item_offset(char *tar, char *item)
        char header[TAR_BLOCK_SIZE] = { 0, };
        char name[TAR_ITEM_NAME_SIZE + 1] = { 0, };
        char size_oct[TAR_SIZE_OF_HEADER] = { 0, };
-       int size_dec = 0;
+       unsigned long size_dec = 0;
        int blknum = 0;
        off_t pos = 0;
        off_t tar_len = 0;