From: Sven Hoexter Date: Fri, 30 Oct 2015 09:21:37 +0000 (+0100) Subject: Add the fix for https://github.com/relan/exfat/issues/5 found and reported by The... X-Git-Tag: debian/1.1.0-2+deb8u1~2 X-Git-Url: https://git.sven.stormbind.net/?p=sven%2Fexfat-utils.git;a=commitdiff_plain;h=25ffc4746767ea92b1a61aff7510116be250266b Add the fix for https://github.com/relan/exfat/issues/5 found and reported by The Fuzzing Project. Check sector and cluster size. --- diff --git a/debian/changelog b/debian/changelog index e401b5f..41d33cc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,13 +1,9 @@ -exfat-utils (1.1.0-2+deb8u1) jessie; urgency=medium +exfat-utils (1.1.0-2+deb8u1) UNRELEASED; urgency=medium - * Add d/patches/check-sector-and-cluster-size. Fix for - https://github.com/relan/exfat/issues/5 found and reported by - The Fuzzing Project. - * Add d/patches/detect-infinite-loop. Fix for - https://github.com/relan/exfat/issues/6 found and reported by - The Fuzzing Project. + * Add the fix for https://github.com/relan/exfat/issues/5 found + and reported by The Fuzzing Project. Check sector and cluster size. - -- Sven Hoexter Thu, 29 Oct 2015 09:40:20 +0100 + -- exfat-utils (1.1.0-2) unstable; urgency=low diff --git a/libexfat/mount.c b/libexfat/mount.c index 2ebf436..2456187 100644 --- a/libexfat/mount.c +++ b/libexfat/mount.c 
@@ -208,6 +208,23 @@ int exfat_mount(struct exfat* ef, const char* spec, const char* options) exfat_error("exFAT file system is not found"); return -EIO; } + /* sector cannot be smaller than 512 bytes */ + if (ef->sb->sector_bits < 9) + { + exfat_close(ef->dev); + exfat_error("too small sector size: 2^%hhd", ef->sb->sector_bits); + free(ef->sb); + return -EIO; + } + /* officially exFAT supports cluster size up to 32 MB */ + if ((int) ef->sb->sector_bits + (int) ef->sb->spc_bits > 25) + { + exfat_close(ef->dev); + exfat_error("too big cluster size: 2^(%hhd+%hhd)", + ef->sb->sector_bits, ef->sb->spc_bits); + free(ef->sb); + return -EIO; + } ef->zero_cluster = malloc(CLUSTER_SIZE(*ef->sb)); if (ef->zero_cluster == NULL) { @@ -242,16 +259,6 @@ int exfat_mount(struct exfat* ef, const char* spec, const char* options) free(ef->sb); return -EIO; } - /* officially exFAT supports cluster size up to 32 MB */ - if ((int) ef->sb->sector_bits + (int) ef->sb->spc_bits > 25) - { - free(ef->zero_cluster); - exfat_close(ef->dev); - exfat_error("too big cluster size: 2^%d", - (int) ef->sb->sector_bits + (int) ef->sb->spc_bits); - free(ef->sb); - return -EIO; - } if (le64_to_cpu(ef->sb->sector_count) * SECTOR_SIZE(*ef->sb) > exfat_get_size(ef->dev)) {
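Review bot: In the debian/changelog hunk the trailer is left as a bare ` -- ` with the maintainer and date removed, and the entry for https://github.com/relan/exfat/issues/6 (d/patches/detect-infinite-loop) is dropped together with the old issue 5 entry. The trailer needs the maintainer and date restored before the distribution is changed back from UNRELEASED. If the infinite-loop fix is still meant for 1.1.0-2+deb8u1, its entry should stay or be re-added by the commit that carries it. The new entry also no longer names a file under d/patches, while the change is made directly in libexfat/mount.c; the entry should say which of the two is intended.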
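Review bot: In the first libexfat/mount.c hunk (@@ -208,6 +208,23 @@) sector_bits is bounded only from below, so with spc_bits at 0 the combined test `(int) ef->sb->sector_bits + (int) ef->sb->spc_bits > 25` still accepts a sector size of up to 2^25 bytes. The exFAT specification limits the sector shift to the range 9 to 12, so an additional rejection of `ef->sb->sector_bits > 12` next to the `< 9` check would keep SECTOR_SIZE within the values the rest of the code can expect. A smaller point on the two exfat_error() calls: `%hhd` formats a signed char, and if sector_bits and spc_bits are unsigned 8-bit fields (their declaration is not visible in this diff) `%hhu` is the matching conversion, otherwise a corrupted value above 127 is reported as a negative exponent.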
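Review bot: In the second libexfat/mount.c hunk (@@ -242,16 +259,6 @@) the check kept in the trailing context, `le64_to_cpu(ef->sb->sector_count) * SECTOR_SIZE(*ef->sb) > exfat_get_size(ef->dev)`, multiplies two values read from the image, and a large sector_count can wrap the product so that the comparison passes for a volume that claims more sectors than the device holds. This assumes the product is evaluated in 64-bit unsigned arithmetic; the SECTOR_SIZE definition is not visible here. Now that sector_bits is validated earlier in exfat_mount(), the comparison can be done without the multiplication, for example by testing sector_count against exfat_get_size(ef->dev) divided by the sector size.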