Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix a panic that occurred when trying to traverse a corrupt msdosfs 

filesystem.  With this particular corruption, the code in pcbmap()
would compute an offset into an array that was way out of bounds,
so check the bounds before trying to access and return an error if
the offset would be out of bounds.
This commit is contained in:
briggs 2003-10-22 03:51:12 +00:00
parent 31923baa46
commit 33a79483d0
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sys/fs/msdosfs/msdosfs_fat.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: msdosfs_fat.c,v 1.1 2002/12/26 12:31:34 jdolecek Exp $ */ /* $NetBSD: msdosfs_fat.c,v 1.2 2003/10/22 03:51:12 briggs Exp $ */
/*- /*-
* Copyright (C) 1994, 1995, 1997 Wolfgang Solfrank. * Copyright (C) 1994, 1995, 1997 Wolfgang Solfrank.
@ -48,7 +48,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: msdosfs_fat.c,v 1.1 2002/12/26 12:31:34 jdolecek Exp $"); __KERNEL_RCSID(0, "$NetBSD: msdosfs_fat.c,v 1.2 2003/10/22 03:51:12 briggs Exp $");
/* /*
* kernel include files. * kernel include files.
@ -234,6 +234,11 @@ pcbmap(dep, findcn, bnp, cnp, sp)
bp_bn = bn; bp_bn = bn;
} }
prevcn = cn; prevcn = cn;
if (bo >= bsize) {
if (bp)
brelse(bp);
return (EIO);
}
if (FAT32(pmp)) if (FAT32(pmp))
cn = getulong(&bp->b_data[bo]); cn = getulong(&bp->b_data[bo]);
else else