Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 8 Oct 2021 01:16:29 GMT
From:      Kyle Evans <kevans@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: dd80f75e6647 - stable/12 - In gptboot, don't assume a partition number is a single digit, 1-9.  GPT partitions can have 128 partitions, so parse contiguous digits and then validate that the number is between 1-128 inclusive.
Message-ID:  <202110080116.1981GTIo010620@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/12 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=dd80f75e664760479f55a2197448c014cfdd3025

commit dd80f75e664760479f55a2197448c014cfdd3025
Author:     Ian Lepore <ian@FreeBSD.org>
AuthorDate: 2019-12-22 22:33:22 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2021-10-08 01:15:58 +0000

    In gptboot, don't assume a partition number is a single digit, 1-9.  GPT
    partitions can have 128 partitions, so parse contiguous digits and then
    validate that the number is between 1-128 inclusive.
    
    I'm not sure 128 is a hard limit in the GPT standard, but it's the common
    number in use, and it's a better upper limit than 9.
    
    (cherry picked from commit 42e08952bb84aa86dfdcc7b80c95b58e515bdce7)
---
 stand/i386/gptboot/gptboot.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/stand/i386/gptboot/gptboot.c b/stand/i386/gptboot/gptboot.c
index 68ef55073ecb..7b5423ede6d8 100644
--- a/stand/i386/gptboot/gptboot.c
+++ b/stand/i386/gptboot/gptboot.c
@@ -574,10 +574,12 @@ parse_cmds(char *cmdstr, int *dskupdated)
 				if (arg[1] != 'p' || gdsk.dsk.unit > 9)
 					return (-1);
 				arg += 2;
-				gdsk.dsk.part = *arg - '0';
-				if (gdsk.dsk.part < 1 || gdsk.dsk.part > 9)
+				j = 0;
+				while (*arg >= '0' && *arg <= '9')
+					j = j * 10 + *arg++ - '0';
+				gdsk.dsk.part = j;
+				if (gdsk.dsk.part < 1 || gdsk.dsk.part > 128)
 					return (-1);
-				arg++;
 				if (arg[0] != ')')
 					return (-1);
 				arg++;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202110080116.1981GTIo010620>