]> git.ipfire.org Git - thirdparty/util-linux.git/commit
projects / thirdparty / util-linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dfb8d4b) | patch
libblkid: Fix out of bounds reads in BEFS handling
authorAlden Tondettar <alden.tondettar@gmail.com>
Tue, 24 Jan 2017 06:28:01 +0000 (23:28 -0700)
committerKarel Zak <kzak@redhat.com>
Wed, 25 Jan 2017 10:43:06 +0000 (11:43 +0100)
commita157a23f6d34f26da437a32a9bd764805c2d7d85
treef9a2723b4de22a2652b26d4ee069eab080bbc44ftree | snapshot
parentdfb8d4ba929b6ec3f54b39037f2d6ef59a62ff08commit | diff
libblkid: Fix out of bounds reads in BEFS handling

The BEFS prober is quite trusting of whatever data is fed to it and
performs almost no bounds checks. There don't seem to be any
out-of-bounds writes as far as I can tell, but there are many ways a
corrupted image could cause libblkid to read OOB and segfault, or hang
in an infinite loop.

This fix makes a few sanity-checks of the superblock, add bounds checks
wherever they seem needed, and crudely checks for cycles in the B+ tree.

Signed-off-by: Alden Tondettar <alden.tondettar@gmail.com>
libblkid/src/superblocks/befs.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.