Date: Sat, 8 Jan 2022 04:29:28 GMT From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 9f4073d44628 - main - geom label msdosfs: sanity check BPB before using it for io request Message-ID: <202201080429.2084TS52022169@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=9f4073d44628bc70dbe67df5163266cbfbe37167 commit 9f4073d44628bc70dbe67df5163266cbfbe37167 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2021-12-30 13:17:59 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2022-01-08 03:41:44 +0000 geom label msdosfs: sanity check BPB before using it for io request It must be greater than zero, and be multiple of the device block size. In collaboration with: pho Reviewed by: markj, mckusick Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D33721 --- sys/geom/label/g_label_msdosfs.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/sys/geom/label/g_label_msdosfs.c b/sys/geom/label/g_label_msdosfs.c index 06d5f2a8e0f0..f138d1eda716 100644 --- a/sys/geom/label/g_label_msdosfs.c +++ b/sys/geom/label/g_label_msdosfs.c @@ -156,6 +156,12 @@ g_label_msdosfs_taste(struct g_consumer *cp, char *label, size_t size) G_LABEL_DEBUG(2, "MSDOSFS: FAT_FirstDataSector=0x%x, FAT_BytesPerSector=%d", fat_FirstDataSector, fat_BytesPerSector); + if (fat_BytesPerSector == 0 || + fat_BytesPerSector % pp->sectorsize != 0) { + G_LABEL_DEBUG(1, "MSDOSFS: %s: corrupted BPB", + pp->name); + goto error; + } for (offset = fat_BytesPerSector * fat_FirstDataSector;; offset += fat_BytesPerSector) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202201080429.2084TS52022169>