summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAJ Bagwell <anthony.bagwell@hivehome.com>2019-11-11 10:32:22 +0000
committerRoss Burton <ross.burton@intel.com>2019-11-11 11:20:30 +0000
commit0f4eecc000f66d114ad258fa31aed66afa292166 (patch)
tree4087f09de4a173f38ea2537488ae67722012ad3c
parent9ca96786fd851150b518388bcb166efa0b4dfff9 (diff)
downloadmeta-gplv2-0f4eecc000f66d114ad258fa31aed66afa292166.tar.gz
Fix write issues where sprintf writes across both name and ext fields and drops the final null ternimator outside the struct Signed-off-by: AJ Bagwell <anthony.bagwell@hivehome.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
-rw-r--r--recipes-devtools/dosfstools/dosfstools/fixing-out-of-bound-writes.patch54
-rw-r--r--recipes-devtools/dosfstools/dosfstools_2.11.bb1
2 files changed, 55 insertions, 0 deletions
diff --git a/recipes-devtools/dosfstools/dosfstools/fixing-out-of-bound-writes.patch b/recipes-devtools/dosfstools/dosfstools/fixing-out-of-bound-writes.patch
new file mode 100644
index 0000000..f80f5ab
--- /dev/null
+++ b/recipes-devtools/dosfstools/dosfstools/fixing-out-of-bound-writes.patch
@@ -0,0 +1,54 @@
1Fix out of bound write issues where sprintf writes across both
2name and ext fields and drops the final null ternimator outside the struct
3
4Upstream-Status: Inappropriate [licensing]
5We're tracking an old release of dosfstools due to licensing issues.
6
7diff --git a/dosfsck/check.c b/dosfsck/check.c
8index e8c13bb..91177d3 100644
9--- a/dosfsck/check.c
10+++ b/dosfsck/check.c
11@@ -58,6 +58,13 @@ static DOS_FILE *root;
12 } \
13 } while(0)
14
15+static void de_printf(DIR_ENT *de, const char *pattern, int curr_num)
16+{
17+ char buffer[12];
18+ sprintf(buffer, pattern, curr_num);
19+ memcpy(de->name, buffer, 8);
20+ memcpy(de->ext, buffer + 8, 3);
21+}
22
23 loff_t alloc_rootdir_entry(DOS_FS *fs, DIR_ENT *de, const char *pattern)
24 {
25@@ -110,7 +117,8 @@ loff_t alloc_rootdir_entry(DOS_FS *fs, DIR_ENT *de, const char *pattern)
26 }
27 memset(de,0,sizeof(DIR_ENT));
28 while (1) {
29- sprintf(de->name,pattern,curr_num);
30+ de_printf(de, pattern, curr_num);
31+
32 clu_num = fs->root_cluster;
33 i = 0;
34 offset2 = cluster_start(fs,clu_num);
35@@ -150,7 +158,7 @@ loff_t alloc_rootdir_entry(DOS_FS *fs, DIR_ENT *de, const char *pattern)
36 offset = fs->root_start+next_free*sizeof(DIR_ENT);
37 memset(de,0,sizeof(DIR_ENT));
38 while (1) {
39- sprintf(de->name,pattern,curr_num);
40+ de_printf(de, pattern, curr_num);
41 for (scan = 0; scan < fs->root_entries; scan++)
42 if (scan != next_free &&
43 !strncmp(root[scan].name,de->name,MSDOS_NAME))
44@@ -311,8 +319,8 @@ static void auto_rename(DOS_FILE *file)
45 first = file->parent ? file->parent->first : root;
46 number = 0;
47 while (1) {
48- sprintf(file->dir_ent.name,"FSCK%04d",number);
49- strncpy(file->dir_ent.ext,"REN",3);
50+ de_printf(&file->dir_ent, "FSCK%04dREN", number);
51+
52 for (walk = first; walk; walk = walk->next)
53 if (walk != file && !strncmp(walk->dir_ent.name,file->dir_ent.
54 name,MSDOS_NAME)) break;
diff --git a/recipes-devtools/dosfstools/dosfstools_2.11.bb b/recipes-devtools/dosfstools/dosfstools_2.11.bb
index dd543b1..37c2181 100644
--- a/recipes-devtools/dosfstools/dosfstools_2.11.bb
+++ b/recipes-devtools/dosfstools/dosfstools_2.11.bb
@@ -19,6 +19,7 @@ SRC_URI = "http://pkgs.fedoraproject.org/repo/pkgs/${BPN}/${BP}.src.tar.gz/407d4
19 file://nofat32_autoselect.patch \ 19 file://nofat32_autoselect.patch \
20 file://fix_populated_dosfs_creation.patch \ 20 file://fix_populated_dosfs_creation.patch \
21 file://0001-Include-fcntl.h-for-getting-loff_t-definition.patch \ 21 file://0001-Include-fcntl.h-for-getting-loff_t-definition.patch \
22 file://fixing-out-of-bound-writes.patch \
22" 23"
23 24
24SRC_URI[md5sum] = "407d405ade410f7597d364ab5dc8c9f6" 25SRC_URI[md5sum] = "407d405ade410f7597d364ab5dc8c9f6"