diff options
author | Karel Zak | 2017-04-06 12:13:46 +0200 |
---|---|---|
committer | Karel Zak | 2017-04-06 12:13:46 +0200 |
commit | a8294f401f627bd6e9f918d629caebfdf4bdc9f6 (patch) | |
tree | 81290d4bd496ceadc35c357bccd60ff36838fb36 /libfdisk/src/gpt.c | |
parent | libfdisk: (gpt) make entries array size calculation more robust (diff) | |
download | kernel-qcow2-util-linux-a8294f401f627bd6e9f918d629caebfdf4bdc9f6.tar.gz kernel-qcow2-util-linux-a8294f401f627bd6e9f918d629caebfdf4bdc9f6.tar.xz kernel-qcow2-util-linux-a8294f401f627bd6e9f918d629caebfdf4bdc9f6.zip |
libfdisk: (gpt) care about SSIZE_MAX for read(2)
read(2) behavior is undefined if you want to read more than SSIZE_MAX
bytes. Let's be paranoid and check for this...
Reported-by: Ruediger Meier <sweet_f_a@gmx.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'libfdisk/src/gpt.c')
-rw-r--r-- | libfdisk/src/gpt.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libfdisk/src/gpt.c b/libfdisk/src/gpt.c index 047ba59c6..36198c3bd 100644 --- a/libfdisk/src/gpt.c +++ b/libfdisk/src/gpt.c @@ -874,6 +874,11 @@ static unsigned char *gpt_read_entries(struct fdisk_context *cxt, if (gpt_sizeof_ents(header, &sz)) return NULL; + if (sz > (size_t) SSIZE_MAX) { + DBG(LABEL, ul_debug("GPT entries array too large to read()")); + return NULL; + } + ret = calloc(1, sz); if (!ret) return NULL; |