Date: Fri, 20 Dec 2019 07:40:28 +0000 (UTC) From: Toomas Soome <tsoome@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r355927 - stable/12/stand/libsa Message-ID: <201912200740.xBK7eSgT006141@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: tsoome Date: Fri Dec 20 07:40:28 2019 New Revision: 355927 URL: https://svnweb.freebsd.org/changeset/base/355927 Log: MFC r355713: loader: cd9660_open() warn: is 'buf' large enough for 'struct iso_primary_descriptor'? We do allocate amount of memory (void * or char *), and then assign this buffer to struct iso_primary_descriptor *vd. Make sure we do allocate enough bytes. In fact we do allocate enough, but it is good idea to make sure this really is so. Modified: stable/12/stand/libsa/cd9660.c stable/12/stand/libsa/cd9660read.c Directory Properties: stable/12/ (props changed) Modified: stable/12/stand/libsa/cd9660.c ============================================================================== --- stable/12/stand/libsa/cd9660.c Fri Dec 20 05:15:03 2019 (r355926) +++ stable/12/stand/libsa/cd9660.c Fri Dec 20 07:40:28 2019 (r355927) @@ -286,7 +286,7 @@ cd9660_open(const char *path, struct open_file *f) struct file *fp = NULL; void *buf; struct iso_primary_descriptor *vd; - size_t buf_size, read, dsize, off; + size_t read, dsize, off; daddr_t bno, boff; struct iso_directory_record rec; struct iso_directory_record *dp = NULL; @@ -294,7 +294,8 @@ cd9660_open(const char *path, struct open_file *f) bool isdir = false; /* First find the volume descriptor */ - buf = malloc(buf_size = ISO_DEFAULT_BLOCK_SIZE); + buf = malloc(MAX(ISO_DEFAULT_BLOCK_SIZE, + sizeof(struct iso_primary_descriptor))); vd = buf; for (bno = 16;; bno++) { twiddle(1); @@ -438,8 +439,7 @@ cd9660_open(const char *path, struct open_file *f) return 0; out: - if (fp) - free(fp); + free(fp); free(buf); return rc; Modified: stable/12/stand/libsa/cd9660read.c ============================================================================== --- stable/12/stand/libsa/cd9660read.c Fri Dec 20 05:15:03 2019 (r355926) +++ stable/12/stand/libsa/cd9660read.c Fri Dec 20 07:40:28 2019 (r355927) @@ -35,6 +35,7 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); +#include <sys/param.h> #include <fs/cd9660/iso.h> #include <fs/cd9660/cd9660_rrip.h> @@ -220,7 +221,8 @@ dirmatch(const char *path, struct iso_directory_record static uint64_t cd9660_lookup(const char *path) { - static char blkbuf[ISO_DEFAULT_BLOCK_SIZE]; + static char blkbuf[MAX(ISO_DEFAULT_BLOCK_SIZE, + sizeof(struct iso_primary_descriptor))]; struct iso_primary_descriptor *vd; struct iso_directory_record rec; struct iso_directory_record *dp = NULL;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912200740.xBK7eSgT006141>