summaryrefslogtreecommitdiff
path: root/sfdp.c
diff options
context:
space:
mode:
authorstefanct <stefanct@2b7e53f0-3cfb-0310-b3e9-8179ed1497e1>2015-12-25 21:59:45 +0000
committerstefanct <stefanct@2b7e53f0-3cfb-0310-b3e9-8179ed1497e1>2015-12-25 21:59:45 +0000
commitf59f3a42fa62903cac9a03e148549b534df1d943 (patch)
treef787fd81606d11698acd1cec6a8d0f36c39d568f /sfdp.c
parentbae59c9b0efaa24c778533c9c18b68faa0a0c53e (diff)
downloadflashrom-f59f3a42fa62903cac9a03e148549b534df1d943.tar.gz
Rigorously check integrity of I/O stream data.
Even if fwrite() succeeds the data is not necessarily out of the clib's buffers and writing it eventually could fail. Even if the data is flushed out (explicitly by fflush() or implicitly by fclose()) the kernel might still hold a buffer. Previously we have ignored this to a large extent - even in important cases like writing the flash contents to a file. The results can be truncated images that would brick the respective machine if written back as is (though flashrom would not allow that due to a size mismatch). flashrom would not indicate the problem in any output - so far we only check the return value of fwrite() that is not conclusive. This patch checks the return values of all related system calls like fclose() unless we only read the file and are not really interested in output errors. In the latter case the return value is casted to void to document this fact. Additionally, this patch explicitly calls fflush() and fsync() (on regular files only) to do the best we can to guarantee the read image reaches the disk safely and at least inform the user if it did not work. Signed-off-by: Stefan Tauner <stefan.tauner@alumni.tuwien.ac.at> Acked-by: Urja Rannikko <urjaman@gmail.com> git-svn-id: https://code.coreboot.org/svn/flashrom/trunk@1902 2b7e53f0-3cfb-0310-b3e9-8179ed1497e1
Diffstat (limited to 'sfdp.c')
0 files changed, 0 insertions, 0 deletions