liblkid: Add length check in probe_nilfs2 before crc32 - openslx/kernel-qcow2-util-linux.git

diff options

author	Torsten Hilbrich	2016-06-20 07:09:10 +0200
committer	Karel Zak	2016-06-24 11:13:24 +0200
commit	ac681a310c32319423297544833932f4d689a7a2 (patch)
tree	b1abeb3da379f3b38c9eaf2168c45d781c498660 /term-utils/agetty.c
parent	lscpu: make lookup_cache() more robust (diff)
download	kernel-qcow2-util-linux-ac681a310c32319423297544833932f4d689a7a2.tar.gz kernel-qcow2-util-linux-ac681a310c32319423297544833932f4d689a7a2.tar.xz kernel-qcow2-util-linux-ac681a310c32319423297544833932f4d689a7a2.zip

liblkid: Add length check in probe_nilfs2 before crc32

The bytes variable is read from the file system to probe and must be checked before used as length parameter in the crc32 call. The following problems may occur here: - bytes smaller than sumoff + 4: underflow in length calculation - bytes larger than remaining space in sb: overflow of buffer This fixes a problem where an encrypted volume had the correct magic values 0x3434 at offset 0x406 and the following uint16_t (which is read into the nilfs_super_block.s_bytes struct) was parsed as 1. Then crc32 was called with the length value 18446744073709551597 causing a segmentation fault. [kzak@redhat.com: - fix probe_nilfs2() return code] Signed-off-by: Karel Zak <kzak@redhat.com>

Diffstat (limited to 'term-utils/agetty.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: