AU: Verify source rootfs/kernel hashes before applying delta.
New style full updates will not send the old rootfs hash so no check takes
place.
BUG=7562
TEST=unit tests, gmerged on device and tested with good/bad source partition
Change-Id: I65b28bf57110e4d87472d4aea59121878cde24b0
Review URL: http://codereview.chromium.org/3712003
diff --git a/delta_performer.cc b/delta_performer.cc
index d111015..5bb5d0a 100644
--- a/delta_performer.cc
+++ b/delta_performer.cc
@@ -578,6 +578,28 @@
return true;
}
+bool DeltaPerformer::VerifySourcePartitions() {
+ LOG(INFO) << "Verifying source partitions.";
+ CHECK(manifest_valid_);
+ if (manifest_.has_old_kernel_info()) {
+ const PartitionInfo& info = manifest_.old_kernel_info();
+ TEST_AND_RETURN_FALSE(current_kernel_hash_ != NULL &&
+ current_kernel_hash_->size() == info.hash().size() &&
+ memcmp(current_kernel_hash_->data(),
+ info.hash().data(),
+ current_kernel_hash_->size()) == 0);
+ }
+ if (manifest_.has_old_rootfs_info()) {
+ const PartitionInfo& info = manifest_.old_rootfs_info();
+ TEST_AND_RETURN_FALSE(current_rootfs_hash_ != NULL &&
+ current_rootfs_hash_->size() == info.hash().size() &&
+ memcmp(current_rootfs_hash_->data(),
+ info.hash().data(),
+ current_rootfs_hash_->size()) == 0);
+ }
+ return true;
+}
+
void DeltaPerformer::DiscardBufferHeadBytes(size_t count) {
hash_calculator_.Update(&buffer_[0], count);
buffer_.erase(buffer_.begin(), buffer_.begin() + count);
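Review bot: Both comparisons in `VerifySourcePartitions()` are guarded by `manifest_.has_old_kernel_info()` and `manifest_.has_old_rootfs_info()`, so a manifest that omits those fields passes with no source check at all. The commit message says this is intended for full updates, but nothing in the function ties the skip to the payload being a full update, so a delta whose manifest lacks the fields would be applied to an unverified source. I would state the contract above the function, e.g. `// Absent old_*_info means a full payload: nothing to verify. Delta payloads must carry both.`, and log the skipped case so the fail-open path shows up in the update log, e.g. `LOG(INFO) << "No old rootfs info in manifest; skipping source rootfs check.";`. The kernel and rootfs blocks are otherwise identical and could share one small helper that takes the hash pointer and the `PartitionInfo`.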
@@ -661,6 +683,7 @@
next_operation == kUpdateStateOperationInvalid ||
next_operation <= 0) {
// Initiating a new update, no more state needs to be initialized.
+ TEST_AND_RETURN_FALSE(VerifySourcePartitions());
return true;
}
next_operation_num_ = next_operation;
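Review bot: The new `VerifySourcePartitions()` call sits only on the fresh-update branch; when `next_operation` is valid, execution falls through to `next_operation_num_ = next_operation;` and a resumed update continues without the source check. If that is deliberate (for example because the source hashes are not recomputed on resume, which I cannot tell from this hunk), a comment should say so: `// Resumed updates skip source verification; it ran when the update was first started.` Also, `VerifySourcePartitions()` begins with `CHECK(manifest_valid_)`, so this branch must only be reachable after the manifest has been parsed; otherwise the process aborts instead of returning false. The enclosing function starts and ends outside the hunk.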