Details
Description
Original discussion is on Mender Hub.
The main points from the report are:
When trying to apply a delta update on this device, it fails. The delta update has the following properties:
- Rootfs size: 6973030400
- rootfs_image_checksum: 592a7f320564105dbe57e3e668139fc4b28e996904da5168e61f2b7ec8db865f
and
Feb 24 09:11:00 nobi-d5eab244-1e36-44e6-adc5-c54a73d42a8e mender[5039]: time="2021-02-24T09:11:00Z" level=info msg="Installer: authenticated digital signature of artifact" Feb 24 09:11:07 nobi-d5eab244-1e36-44e6-adc5-c54a73d42a8e mender[5039]: time="2021-02-24T09:11:07Z" level=info msg="Update module output: xdelta3: target window checksum mismatch: XD3_INVALID_INPUT" Feb 24 09:11:07 nobi-d5eab244-1e36-44e6-adc5-c54a73d42a8e mender[5039]: time="2021-02-24T09:11:07Z" level=info msg="Update module output: xdelta3: normally this indicates that the source file is incorrect" Feb 24 09:11:07 nobi-d5eab244-1e36-44e6-adc5-c54a73d42a8e mender[5039]: time="2021-02-24T09:11:07Z" level=info msg="Update module output: xdelta3: please verify the source file with sha1sum or equivalent" Feb 24 09:11:07 nobi-d5eab244-1e36-44e6-adc5-c54a73d42a8e mender[5039]: time="2021-02-24T09:11:07Z" level=info msg="Update module output: Failed to apply the delta, err: 1" Feb 24 09:11:07 nobi-d5eab244-1e36-44e6-adc5-c54a73d42a8e mender[5039]: time="2021-02-24T09:11:07Z" level=error msg="Artifact install failed: Update module terminated abnormally: exit status 1"
My current theory is that this happens because of int32 overflow in a 4GB+ update. I did some checking, and can confirm that if a 4GB+ update is created, mender-binary-delta-generator generates a negative number in the rootfs_file_size field, as illustrated here:
Mender artifact: Name: rootfs2 Format: mender Version: 3 Signature: no signature Compatible devices: '[t]' Provides group: Depends on one of artifact(s): [] Depends on one of group(s): [] State scripts: Updates: 0: Type: mender-binary-delta Provides: rootfs-image.checksum: d985857238b4762f44e777f68a0256d62f612bb295bf2201d4ba9104bcb24ebc rootfs-image.version: rootfs2 Depends: rootfs-image.checksum: a9647d8a8152af95fef9a8655f748b8d2557c4e46b5ebdefc124e2b7cb9b5b53 Clears Provides: ["artifact_group", "rootfs_image_checksum", "rootfs-image.*"] Metadata: { "delta_algorithm": "xdelta3", "rootfs_file_size": -1616904192 } Files: name: rootfs2.dat.delta size: 17253 modified: 2021-03-08 13:20:55 +0000 UTC checksum: 02a57dda66b24b2f53e3a04ca928a4350df75c253d6855f8febe1459488bc427
However, I did not attempt to make an update using this artifact, and I have not confirmed that this is the same issue as faced by the reporter. In fact, his log output makes me suspect that it's not. More testing is needed here to confirm this.
But of course, what I demonstrated above is definitely a bug, it just may not be the only bug.
I have tracked it down to the usage of JsonObjectAppendInteger. It should offer a 64-bit version, but doesn't. The "Get" interface does, however.