X-Git-Url: http://git.sven.stormbind.net/?a=blobdiff_plain;f=debian%2Fpatches%2Fdetect-infinite-loop;fp=debian%2Fpatches%2Fdetect-infinite-loop;h=0000000000000000000000000000000000000000;hb=15bb212d54882bd4dd8ceddf3a88358aa9166d45;hp=a50f38c3a5762a62c606bb626419b64ae6140aee;hpb=9a48a6b25a9dee22fc8aaa154ab737622d7d4bbc;p=sven%2Fexfat-utils.git diff --git a/debian/patches/detect-infinite-loop b/debian/patches/detect-infinite-loop deleted file mode 100644 index a50f38c..0000000 --- a/debian/patches/detect-infinite-loop +++ /dev/null @@ -1,52 +0,0 @@ -Patch for https://github.com/relan/exfat/issues/6 -See also: -https://blog.fuzzing-project.org/25-Heap-overflow-and-endless-loop-in-exfatfsck-exfat-utils.html -Index: exfat-utils/libexfat/mount.c -=================================================================== ---- exfat-utils.orig/libexfat/mount.c -+++ exfat-utils/libexfat/mount.c -@@ -30,23 +30,32 @@ - - static uint64_t rootdir_size(const struct exfat* ef) - { -- uint64_t clusters = 0; -+ uint32_t clusters = 0; -+ uint32_t clusters_max = le32_to_cpu(ef->sb->cluster_count); - cluster_t rootdir_cluster = le32_to_cpu(ef->sb->rootdir_cluster); - -- while (!CLUSTER_INVALID(rootdir_cluster)) -+ /* Iterate all clusters of the root directory to calculate its size. -+ It can't be contiguous because there is no flag to indicate this. */ -+ do - { -- clusters++; -- /* root directory cannot be contiguous because there is no flag -- to indicate this */ -+ if (clusters == clusters_max) /* infinite loop detected */ -+ { -+ exfat_error("root directory cannot occupy all %d clusters", -+ clusters); -+ return 0; -+ } -+ if (CLUSTER_INVALID(rootdir_cluster)) -+ { -+ exfat_error("bad cluster %#x while reading root directory", -+ rootdir_cluster); -+ return 0; -+ } - rootdir_cluster = exfat_next_cluster(ef, ef->root, rootdir_cluster); -+ clusters++; - } -- if (rootdir_cluster != EXFAT_CLUSTER_END) -- { -- exfat_error("bad cluster %#x while reading root directory", -- rootdir_cluster); -- return 0; -- } -- return clusters * CLUSTER_SIZE(*ef->sb); -+ while (rootdir_cluster != EXFAT_CLUSTER_END); -+ -+ return (uint64_t) clusters * CLUSTER_SIZE(*ef->sb); - } - - static const char* get_option(const char* options, const char* option_name)