From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 25 Apr 2016 19:42:15 +0000 (+0200)
Subject: sd-journal: detect earlier if we try to read an object from an invalid offset
X-Git-Tag: v230~127^2~5
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=50809d7a9c986f78d8b8872098e4880aa8ff2076;p=thirdparty%2Fsystemd.git

sd-journal: detect earlier if we try to read an object from an invalid offset

Specifically, detect early if we try to read from offset 0, i.e. are using
uninitialized offset data.
---

diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index ac6c30f9f25..c4318636f71 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -709,6 +709,10 @@ int journal_file_move_to_object(JournalFile *f, ObjectType type, uint64_t offset
         if (!VALID64(offset))
                 return -EFAULT;
 
+        /* Object may not be located in the file header */
+        if (offset < le64toh(f->header->header_size))
+                return -EBADMSG;
+
         r = journal_file_move_to(f, type, false, offset, sizeof(ObjectHeader), &t);
         if (r < 0)
                 return r;