Fix lookahead buffer size reported to littlefs2-sys

CHANGELOG.md

@@ -13,6 +13,19 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Changed
 - Made `Path::from_bytes_with_nul_unchecked` `const`.
+- Replaced `LOOKAHEADWORDS_SIZE` (measured in multiples of four bytes) with
+  `LOOKAHEAD_SIZE` (measured in multiples of eight bytes) in `driver::Storage`
+  so that all possible values are valid.  (See the lookahead size fix below for
+  context.)
+
+### Fixed
+- Fixed the lookahead size reported to `littlefs2-sys`.  Previously, the
+  reported size was too large by the factor of 8, potentially leading to a
+  buffer overflow causing filesystem corruption.  Fixing this means that
+  `Storage::LOOKAHEADWORD_SIZE` values that are not a multiple of 2 can now
+  lead to an error.  Fixes [#16].
+
+[#16]: https://github.com/trussed-dev/littlefs2/issues/16
 
 ## [v0.2.2] - 2021-03-20
 

src/driver.rs

@@ -52,12 +52,8 @@ pub trait Storage {
     /// Must be a factor of `BLOCK_SIZE`.
     type CACHE_SIZE: ArrayLength<u8>;
 
-    /// littlefs itself has a `LOOKAHEAD_SIZE`, which must be a multiple of 8,
-    /// as it stores data in a bitmap. It also asks for 4-byte aligned buffers.
-    /// Hence, we further restrict `LOOKAHEAD_SIZE` to be a multiple of 32.
-    /// Our LOOKAHEADWORDS_SIZE is this multiple.
-    type LOOKAHEADWORDS_SIZE: ArrayLength<u32>;
-    // type LOOKAHEAD_SIZE: ArrayLength<u8>;
+    /// Size of the lookahead buffer used by littlefs, measured in multiples of 8 bytes.
+    type LOOKAHEAD_SIZE: ArrayLength<u64>;
 
     ///// Maximum length of a filename plus one. Stored in superblock.
     ///// Should default to 255+1, but associated type defaults don't exist currently.

src/fs.rs

@@ -20,15 +20,14 @@ struct Cache<Storage: driver::Storage> {
     read: Bytes<Storage::CACHE_SIZE>,
     write: Bytes<Storage::CACHE_SIZE>,
     // lookahead: aligned::Aligned<aligned::A4, Bytes<Storage::LOOKAHEAD_SIZE>>,
-    lookahead: generic_array::GenericArray<u32, Storage::LOOKAHEADWORDS_SIZE>,
+    lookahead: generic_array::GenericArray<u64, Storage::LOOKAHEAD_SIZE>,
 }
 
 impl<S: driver::Storage> Cache<S> {
     pub fn new() -> Self {
         Self {
             read: Default::default(),
             write: Default::default(),
-            // lookahead: aligned::Aligned(Default::default()),
             lookahead: Default::default(),
         }
     }
@@ -60,8 +59,7 @@ impl<Storage: driver::Storage> Allocation<Storage> {
         let write_size: u32 = Storage::WRITE_SIZE as _;
         let block_size: u32 = Storage::BLOCK_SIZE as _;
         let cache_size: u32 = <Storage as driver::Storage>::CACHE_SIZE::U32;
-        let lookahead_size: u32 =
-            32 * <Storage as driver::Storage>::LOOKAHEADWORDS_SIZE::U32;
+        let lookahead_size: u32 = 8 * <Storage as driver::Storage>::LOOKAHEAD_SIZE::U32;
         let block_cycles: i32 = Storage::BLOCK_CYCLES as _;
         let block_count: u32 = Storage::BLOCK_COUNT as _;
 

src/macros.rs

@@ -14,7 +14,7 @@ macro_rules! ram_storage { (
     cache_size_ty=$cache_size:path,
     block_size=$block_size:expr,
     block_count=$block_count:expr,
-    lookaheadwords_size_ty=$lookaheadwords_size:path,
+    lookahead_size_ty=$lookahead_size:path,
     filename_max_plus_one_ty=$filename_max_plus_one:path,
     path_max_plus_one_ty=$path_max_plus_one:path,
     result=$Result:ident,
@@ -49,7 +49,7 @@ macro_rules! ram_storage { (
             type CACHE_SIZE = $cache_size;
             const BLOCK_SIZE: usize = $block_size;
             const BLOCK_COUNT: usize = $block_count;
-            type LOOKAHEADWORDS_SIZE = $lookaheadwords_size;
+            type LOOKAHEAD_SIZE = $lookahead_size;
 
             fn read(&mut self, offset: usize, buf: &mut [u8]) -> $Result<usize> {
                 let read_size: usize = Self::READ_SIZE;
@@ -93,7 +93,7 @@ macro_rules! ram_storage { (
             cache_size_ty=$crate::consts::U32,
             block_size=128,
             block_count=$bytes/128,
-            lookaheadwords_size_ty=$crate::consts::U1,
+            lookahead_size_ty=$crate::consts::U1,
             filename_max_plus_one_ty=$crate::consts::U256,
             path_max_plus_one_ty=$crate::consts::U256,
             result=LfsResult,
@@ -110,7 +110,7 @@ macro_rules! ram_storage { (
             cache_size_ty=$crate::consts::U32,
             block_size=128,
             block_count=8,
-            lookaheadwords_size_ty=$crate::consts::U1,
+            lookahead_size_ty=$crate::consts::U1,
             filename_max_plus_one_ty=$crate::consts::U256,
             path_max_plus_one_ty=$crate::consts::U256,
             result=Result,
@@ -127,7 +127,7 @@ macro_rules! ram_storage { (
             cache_size_ty=$crate::consts::U32,
             block_size=256,
             block_count=512,
-            lookaheadwords_size_ty=$crate::consts::U4,
+            lookahead_size_ty=$crate::consts::U4,
             filename_max_plus_one_ty=$crate::consts::U256,
             path_max_plus_one_ty=$crate::consts::U256,
             result=Result,
@@ -146,7 +146,7 @@ macro_rules! const_ram_storage { (
     cache_size_ty=$cache_size:path,
     block_size=$block_size:expr,
     block_count=$block_count:expr,
-    lookaheadwords_size_ty=$lookaheadwords_size:path,
+    lookahead_size_ty=$lookahead_size:path,
     filename_max_plus_one_ty=$filename_max_plus_one:path,
     path_max_plus_one_ty=$path_max_plus_one:path,
     result=$Result:ident,
@@ -178,7 +178,7 @@ macro_rules! const_ram_storage { (
             type CACHE_SIZE = $cache_size;
             const BLOCK_SIZE: usize = $block_size;
             const BLOCK_COUNT: usize = $block_count;
-            type LOOKAHEADWORDS_SIZE = $lookaheadwords_size;
+            type LOOKAHEAD_SIZE = $lookahead_size;
 
             fn read(&mut self, offset: usize, buf: &mut [u8]) -> $Result<usize> {
                 let read_size: usize = Self::READ_SIZE;
@@ -221,7 +221,7 @@ macro_rules! const_ram_storage { (
             cache_size_ty=$crate::consts::U512,
             block_size=512,
             block_count=$bytes/512,
-            lookaheadwords_size_ty=$crate::consts::U1,
+            lookahead_size_ty=$crate::consts::U1,
             filename_max_plus_one_ty=$crate::consts::U256,
             path_max_plus_one_ty=$crate::consts::U256,
             result=LfsResult,

src/tests.rs

@@ -26,7 +26,7 @@ ram_storage!(
     cache_size_ty=consts::U32,
     block_size=256,
     block_count=512,
-    lookaheadwords_size_ty=consts::U1,
+    lookahead_size_ty=consts::U1,
     filename_max_plus_one_ty=consts::U256,
     path_max_plus_one_ty=consts::U256,
     result=Result,
@@ -42,7 +42,7 @@ ram_storage!(
     cache_size_ty=consts::U700,
     block_size=20*35,
     block_count=32,
-    lookaheadwords_size_ty=consts::U16,
+    lookahead_size_ty=consts::U16,
     filename_max_plus_one_ty=consts::U256,
     path_max_plus_one_ty=consts::U256,
     result=Result,

tests/ui/constructors-fail.rs

@@ -15,7 +15,7 @@ ram_storage!(
     cache_size_ty=consts::U32,
     block_size=256,
     block_count=512,
-    lookaheadwords_size_ty=consts::U1,
+    lookaheadwords_size_ty=consts::U2,
     filename_max_plus_one_ty=consts::U256,
     path_max_plus_one_ty=consts::U256,
     result=Result,
@@ -31,7 +31,7 @@ ram_storage!(
     cache_size_ty=consts::U700,
     block_size=20*35,
     block_count=32,
-    lookaheadwords_size_ty=consts::U1,
+    lookaheadwords_size_ty=consts::U2,
     filename_max_plus_one_ty=consts::U256,
     path_max_plus_one_ty=consts::U256,
     result=Result,

tests/ui/sync-fail.rs

@@ -15,7 +15,7 @@ ram_storage!(
     cache_size_ty=consts::U32,
     block_size=256,
     block_count=512,
-    lookaheadwords_size_ty=consts::U1,
+    lookaheadwords_size_ty=consts::U2,
     filename_max_plus_one_ty=consts::U256,
     path_max_plus_one_ty=consts::U256,
     result=Result,
@@ -31,7 +31,7 @@ ram_storage!(
     cache_size_ty=consts::U700,
     block_size=20*35,
     block_count=32,
-    lookaheadwords_size_ty=consts::U1,
+    lookaheadwords_size_ty=consts::U2,
     filename_max_plus_one_ty=consts::U256,
     path_max_plus_one_ty=consts::U256,
     result=Result,