From 029a8db2701afb0653c6e789c878bb768ceb87e1 Mon Sep 17 00:00:00 2001
From: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Date: Fri, 23 Aug 2019 12:10:16 +0200
Subject: Do bounds checking in metadata reader

In all cases where metadata blocks are read, we can roughly (in some
cases even preciesly) say in what range those metadata blocks will be,
so it makes sense to throw an error if an attempt is made to wander
outside this range.

Furthermore, when reading from an uncompressed block, it is more reasonable
to check against the actual block bounds than to padd it with 0 bytes.

Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
---
 include/highlevel.h   | 3 ++-
 include/meta_reader.h | 9 +++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

(limited to 'include')

diff --git a/include/highlevel.h b/include/highlevel.h
index f8c5bfb..a455234 100644
--- a/include/highlevel.h
+++ b/include/highlevel.h
@@ -50,7 +50,8 @@ int sqfs_write_table(int outfd, sqfs_super_t *super, compressor_t *cmp,
 		     const void *data, size_t table_size, uint64_t *start);
 
 void *sqfs_read_table(int fd, compressor_t *cmp, size_t table_size,
-		      uint64_t location);
+		      uint64_t location, uint64_t lower_limit,
+		      uint64_t upper_limit);
 
 /*
   High level helper function to serialize an entire file system tree to
diff --git a/include/meta_reader.h b/include/meta_reader.h
index 8369ad3..d5628af 100644
--- a/include/meta_reader.h
+++ b/include/meta_reader.h
@@ -15,8 +15,13 @@
 typedef struct meta_reader_t meta_reader_t;
 
 /* Create a meta data reader using a given compressor to extract data.
-   Internally prints error message to stderr on failure. */
-meta_reader_t *meta_reader_create(int fd, compressor_t *cmp);
+   Internally prints error message to stderr on failure.
+
+   Start offset and limit can be specified to do bounds checking against
+   a subregion of the filesystem image.
+*/
+meta_reader_t *meta_reader_create(int fd, compressor_t *cmp,
+				  uint64_t start, uint64_t limit);
 
 void meta_reader_destroy(meta_reader_t *m);
 
-- 
cgit v1.2.3