From 73ffc3e5b59bbc2ff5439d705b0876531ecb645b Mon Sep 17 00:00:00 2001
From: Andreas Gampe
Date: Thu, 19 Feb 2015 11:42:36 -0800
Subject: [PATCH] ART: Check image size when opening

The image file might have been truncated. In that case, reject loading the image space.
Bug: 19398702
(cherrypicked from commit beacd381dbdcc9f7f02b5e207037afb993aabba4)
Change-Id: I8e46340fe1e05629704d6e3bae84caf8b0435125
---
 runtime/gc/space/image_space.cc | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/runtime/gc/space/image_space.cc b/runtime/gc/space/image_space.cc
index f765f0e16..c7b97ba35 100644
--- a/runtime/gc/space/image_space.cc
+++ b/runtime/gc/space/image_space.cc
@@ -645,6 +645,20 @@ ImageSpace* ImageSpace::Init(const char* image_filename, const char* image_locat
 return nullptr;
 }
 
+ // Check that the file is large enough.
+ uint64_t image_file_size = static_cast(file->GetLength());
+ if (image_header.GetImageSize() > image_file_size) {
+ *error_msg = StringPrintf("Image file too small for image heap: %" PRIu64 " vs. %zu.",
+ image_file_size, image_header.GetImageSize());
+ return nullptr;
+ }
+ if (image_header.GetBitmapOffset() + image_header.GetImageBitmapSize() != image_file_size) {
+ *error_msg = StringPrintf("Image file too small for image bitmap: %" PRIu64 " vs. %zu.",
+ image_file_size,
+ image_header.GetBitmapOffset() + image_header.GetImageBitmapSize());
+ return nullptr;
+ }
+
 // Note: The image header is part of the image due to mmap page alignment required of offset.
 std::unique_ptr map(MemMap::MapFileAtAddress(image_header.GetImageBegin(),
 image_header.GetImageSize(),
-- 
2.11.0
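Review bot: The second check adds `image_header.GetBitmapOffset() + image_header.GetImageBitmapSize()` in what the `%zu` format suggests is `size_t`, so on a 32-bit build a corrupt header could make the sum wrap and compare equal to the file size; both operands come from the very file being validated. Widening before the addition avoids this, e.g. `const uint64_t bitmap_end = static_cast<uint64_t>(image_header.GetBitmapOffset()) + image_header.GetImageBitmapSize();` followed by `if (bitmap_end != image_file_size) {`, with the message then using `PRIu64` for both values. The condition is `!=` while the message says "too small", so a file with trailing data is misreported; wording such as "Image file size does not match expected size" would match what is tested. If `file->GetLength()` can return a negative value on failure (not visible in this hunk), the cast to `uint64_t` turns it into a huge length that passes the first check and is only caught by the second with a misleading number, so a `< 0` test before the cast is worth adding. `ImageSpace::Init` begins and ends outside the hunk.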