代码拉取完成,页面将自动刷新
同步操作将从 余诗/grub2 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From c44b1428c4c7d2bb01359fd885720af87e10b1b2 Mon Sep 17 00:00:00 2001
From: Lidong Chen <[email protected]>
Date: Fri, 20 Jan 2023 19:39:40 +0000
Subject: fs/iso9660: Avoid reading past the entry boundary
Added a check for the SP entry data boundary before reading it.
Reference:https://git.savannah.gnu.org/cgit/grub.git/commit?id=c44b1428c4c7d2bb01359fd885720af87e10b1b2
Conflict:NA
Signed-off-by: Lidong Chen <[email protected]>
Reviewed-by: Thomas Schmitt <[email protected]>
Reviewed-by: Daniel Kiper <[email protected]>
---
grub-core/fs/iso9660.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c
index 230048a..ecf6bbe 100644
--- a/grub-core/fs/iso9660.c
+++ b/grub-core/fs/iso9660.c
@@ -415,6 +415,9 @@ set_rockridge (struct grub_iso9660_data *data)
if (!sua_size)
return GRUB_ERR_NONE;
+ if (sua_size < GRUB_ISO9660_SUSP_HEADER_SZ)
+ return grub_error (GRUB_ERR_BAD_FS, "invalid rock ridge entry size");
+
sua = grub_malloc (sua_size);
if (! sua)
return grub_errno;
@@ -441,8 +444,17 @@ set_rockridge (struct grub_iso9660_data *data)
rootnode.have_symlink = 0;
rootnode.dirents[0] = data->voldesc.rootdir;
- /* The 2nd data byte stored how many bytes are skipped every time
- to get to the SUA (System Usage Area). */
+ /* The size of SP (version 1) is fixed to 7. */
+ if (sua_size < 7 || entry->len < 7)
+ {
+ grub_free (sua);
+ return grub_error (GRUB_ERR_BAD_FS, "corrupted rock ridge entry");
+ }
+
+ /*
+ * The 2nd data byte stored how many bytes are skipped every time
+ * to get to the SUA (System Usage Area).
+ */
data->susp_skip = entry->data[2];
entry = (struct grub_iso9660_susp_entry *) ((char *) entry + entry->len);
--
cgit v1.1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手