RTOS/rtems
1
0
Fork 0
forked from Imagelibrary/rtems
Code Pull Requests Activity

fat: Fix for invalid cluster sizes

Browse Source 
A cluster size > 32KiB resulted in an infinite loop in
fat_init_volume_info() due to an integer overflow.

Update #2717.
This commit is contained in:
Sebastian Huber
2016-05-18 09:17:09 +02:00
parent f502882ef5
commit 276dfd9f3d
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cpukit/libfs/src/dosfs/fat.c
View File

@@ -574,12 +574,14 @@ fat_init_volume_info(fat_fs_info_t *fs_info, const char *device)
/* /*
* "bytes per cluster" value greater than 32K is invalid * "bytes per cluster" value greater than 32K is invalid
*/ */
if ((vol->bpc = vol->bps << vol->spc_log2) > MS_BYTES_PER_CLUSTER_LIMIT) if (vol->bps > (MS_BYTES_PER_CLUSTER_LIMIT >> vol->spc_log2))
{ {
close(vol->fd); close(vol->fd);
rtems_set_errno_and_return_minus_one(EINVAL); rtems_set_errno_and_return_minus_one(EINVAL);
} }
vol->bpc = vol->bps << vol->spc_log2;
for (vol->bpc_log2 = 0, i = vol->bpc; (i & 1) == 0; for (vol->bpc_log2 = 0, i = vol->bpc; (i & 1) == 0;
i >>= 1, vol->bpc_log2++); i >>= 1, vol->bpc_log2++);