If 0 is passed to the 'bytes' parameter in the ubi_start_update(),
there is no need to call the ubi_more_update_data(). Otherwise,
there will be a double-free of 'vol->upd_buf'.
Also check that the ubi_start_update() was called before calling
the ubi_more_update_data().
Signed-off-by: Martin Kurbanov <mmkurba...@salutedevices.com>
---
cmd/ubi.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/cmd/ubi.c b/cmd/ubi.c
index 23b6211f6c..b68b51c6a9 100644
--- a/cmd/ubi.c
+++ b/cmd/ubi.c
@@ -363,6 +363,11 @@ static int ubi_volume_continue_write(char *volume, void
*buf, size_t size)
if (vol == NULL)
return ENODEV;
+ if (!vol->updating) {
+ printf("UBI volume update was not initiated\n");
+ return EINVAL;
+ }
+
err = ubi_more_update_data(ubi, vol, buf, size);
if (err < 0) {
printf("Couldnt or partially wrote data\n");
@@ -412,6 +417,10 @@ int ubi_volume_begin_write(char *volume, void *buf, size_t
size,
return -err;
}
+ /* The volume is just wiped out */
+ if (!full_size)
+ return 0;
+
return ubi_volume_continue_write(volume, buf, size);
}
--
2.43.0
