From d93adf55df94f9ef92096cc1a186e416ebf3d03a Mon Sep 17 00:00:00 2001
From: Keith Mok
Date: Tue, 16 Feb 2016 09:50:22 -0800
Subject: [PATCH] fs_mgr: BLKGETSIZE causes memory corruption
BLKGETSIZE return unsigned long sector size, but unsigned long is of 8 bytes in 64 bits system. Passing an integar value will causes stack corruption. Use BLKGETSIZE64 instead.
Change-Id: I60323e51c6692d4405cf2ed015ab4216c1591f68
---
 fs_mgr/fs_mgr_format.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs_mgr/fs_mgr_format.c b/fs_mgr/fs_mgr_format.c
index c73045d44..853bf0bb6 100644
--- a/fs_mgr/fs_mgr_format.c
+++ b/fs_mgr/fs_mgr_format.c
@@ -33,7 +33,7 @@ extern void reset_ext4fs_info();
 static int format_ext4(char *fs_blkdev, char *fs_mnt_point)
 {
- unsigned int nr_sec;
+ uint64_t dev_sz;
 int fd, rc = 0;
 if ((fd = open(fs_blkdev, O_WRONLY, 0644)) < 0) {
@@ -41,7 +41,7 @@ static int format_ext4(char *fs_blkdev, char *fs_mnt_point)
 return -1;
 }
- if ((ioctl(fd, BLKGETSIZE, &nr_sec)) == -1) {
+ if ((ioctl(fd, BLKGETSIZE64, &dev_sz)) == -1) {
 ERROR("Cannot get block device size. %s\n", strerror(errno));
 close(fd);
 return -1;
@@ -49,7 +49,7 @@ static int format_ext4(char *fs_blkdev, char *fs_mnt_point)
 /* Format the partition using the calculated length */
 reset_ext4fs_info();
- info.len = ((off64_t)nr_sec * 512);
+ info.len = (off64_t)dev_sz;
 /* Use make_ext4fs_internal to avoid wiping an already-wiped partition. */
 rc = make_ext4fs_internal(fd, NULL, NULL, fs_mnt_point, 0, 0, 0, 0, 0, 0, 0, 0, 0, NULL);
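Review bot: The call `ioctl(fd, BLKGETSIZE64, &dev_sz)` in the second hunk is only safe while `dev_sz` stays exactly 64 bits wide, and nothing at the call site records that requirement. The corruption fixed here came from the request code and the width of the pointed-to object disagreeing, which the compiler cannot check because ioctl's third argument is untyped. A short comment above the call would keep the pairing from being undone later, for example `/* BLKGETSIZE64 stores a 64-bit byte count; the argument must point to a uint64_t. */`. format_ext4 starts before this hunk and continues after it.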
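Review bot: The assignment `info.len = (off64_t)dev_sz;` in the third hunk converts the kernel-reported size to a signed type with no range check, so a value of 0 is passed on unchanged and one above the signed 64-bit maximum would turn negative. Neither is likely from a real block device, but a guard before the assignment would make it a clean failure, for example `if (dev_sz == 0 || dev_sz > INT64_MAX) { close(fd); return -1; }`. How make_ext4fs_internal treats a zero or negative `info.len` is not visible in this patch, so confirm the intended behaviour before adding the guard. format_ext4 continues past the end of the hunk.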