Date: Mon, 1 Dec 2003 00:55:52 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: current@freebsd.org Subject: bug in CD9660 path handling in libstand (effects boot code) Message-ID: <200312010855.hB18tqNZ019141@apollo.backplane.com>
next in thread | raw e-mail | index | archive | help
This fixes a bug where an attempt to load a file path which contains
an intermediate path element which is a file on the CD rather then
a directory results in the file being accessed like a directory... which
can lockup the boot code.
The fix is simple. Check to see if an intermediate path element really
represents a directory and return ENOENT if it doesn't.
This situation can occur due to searches via the module search path.
-Matt
Matthew Dillon
<dillon@backplane.com>
Index: cd9660.c
===================================================================
RCS file: /cvs/src/lib/libstand/cd9660.c,v
retrieving revision 1.3
diff -u -r1.3 cd9660.c
--- cd9660.c 8 Aug 2003 04:18:34 -0000 1.3
+++ cd9660.c 1 Dec 2003 08:37:25 -0000
@@ -372,7 +372,13 @@
rec = *dp;
while (*path && *path != '/') /* look for next component */
path++;
- if (*path) path++; /* skip '/' */
+ if (*path == '/') { /* skip /, make sure is dir */
+ path++;
+ if (*path && (isonum_711(dp->flags) & 2) == 0) {
+ rc = ENOENT; /* not directory */
+ goto out;
+ }
+ }
}
/* allocate file system specific data structure */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312010855.hB18tqNZ019141>