From 1261e6b60a33a5984c5662313505998625318d3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?=
Date: Mon, 26 Jul 2021 08:49:45 +0200
Subject: [PATCH] Fixed the detection of the end of attribute list

The recent detection of a truncated attribute list entry overlooked the normal detection of the end of list. Moreover the check for name overflow is to be done later and not needed at this stage.
---
 libntfs-3g/attrib.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c
index 420fb493..e8d6fafb 100644
--- a/libntfs-3g/attrib.c
+++ b/libntfs-3g/attrib.c
@@ -3092,10 +3092,11 @@ static int ntfs_external_attr_find(ATTR_TYPES type, const ntfschar *name,
 al_entry = (ATTR_LIST_ENTRY*)((char*)ctx->al_entry +
 le16_to_cpu(ctx->al_entry->length));
- if ((al_entry->name_length
- && ((u8*)al_entry + al_entry->name_offset
- + al_entry->name_length * sizeof(ntfschar))
- > al_end))
+ if ((u8*)al_entry == al_end)
+ goto not_found;
+ /* Preliminary check for small entry */
+ if ((p2n(al_end) - p2n(al_entry))
+ < (long)offsetof(ATTR_LIST_ENTRY, name))
 goto corrupt;
 /*
 * If this is an enumeration and the attribute list attribute
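Review bot: After the added `< (long)offsetof(ATTR_LIST_ENTRY, name)` test, only the fixed part of the next entry is known to lie inside the list; that entry's own `length`, `name_offset` and `name_length` are still unvalidated on-disk values, and the name-overflow check this commit removes is, per the description, done later in code outside the hunk. ntfs_external_attr_find starts and ends outside the hunk, so that later check cannot be confirmed from here; it is worth verifying that nothing between this point and it reads the entry's name or advances by its `length`. I would expand the comment to record the dependency, e.g. `/* Preliminary check: fixed header only; length and name bounds are checked below before use */`. The exact `== al_end` test also relies on the following comparison to reject an entry that overshoots the end of the list, which holds only if `p2n()` yields a signed value, as the `(long)` cast suggests.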