summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2021-08-22 13:40:12 +0200
committerDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2021-08-22 13:44:51 +0200
commit0d2125014c22caf55b0e5f3cfe11aa516cd6c2e3 (patch)
treefc57c9e551b69254fb24b9662b370c1dbb2dfea0
parentdc694ae0191ed50b7d5aea508e0f5207ba2b452a (diff)
Tighten bounds checks in sqfs_dir_reader_reader
Use the same size check as sqfs_dir_reader_open_dir and report EOF, even if it is possible to read the header itself, but nothing beyond that. Also check if it should be possible to read an entry header before attempting and report EOF if not. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
-rw-r--r--lib/sqfs/dir_reader.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/sqfs/dir_reader.c b/lib/sqfs/dir_reader.c
index e6467ef..f560069 100644
--- a/lib/sqfs/dir_reader.c
+++ b/lib/sqfs/dir_reader.c
@@ -164,7 +164,7 @@ int sqfs_dir_reader_read(sqfs_dir_reader_t *rd, sqfs_dir_entry_t **out)
int err;
if (!rd->entries) {
- if (rd->size < sizeof(rd->hdr))
+ if (rd->size <= sizeof(rd->hdr))
return 1;
err = sqfs_meta_reader_read_dir_header(rd->meta_dir, &rd->hdr);
@@ -175,6 +175,12 @@ int sqfs_dir_reader_read(sqfs_dir_reader_t *rd, sqfs_dir_entry_t **out)
rd->entries = rd->hdr.count + 1;
}
+ if (rd->size <= sizeof(*ent)) {
+ rd->size = 0;
+ rd->entries = 0;
+ return 1;
+ }
+
err = sqfs_meta_reader_read_dir_ent(rd->meta_dir, &ent);
if (err)
return err;