opengnsys
/
ntfs-3g
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Made sure there is no null character in an attribute name 

When copying an attribute name which contains a null, it is truncated
and this may lead to accessing non-allocated bytes when relying on the
expected name length. Such names must therefore be rejected.
pull/40/head
Jean-Pierre André 2021-09-21 10:54:50 +02:00
parent a8818cf779
commit 838b6e35b4
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libntfs-3g/attrib.c
View File

@ -414,7 +414,15 @@ ntfs_attr *ntfs_attr_open(ntfs_inode *ni, const ATTR_TYPES type,
na = ntfs_calloc(sizeof(ntfs_attr));
if (!na)
goto out;
if (!name_len)
name = (ntfschar*)NULL;
if (name && name != AT_UNNAMED && name != NTFS_INDEX_I30) {
/* A null char leads to a short name and unallocated bytes */
if (ntfs_ucsnlen(name, name_len) != name_len) {
ntfs_log_error("Null character in attribute name"
" of inode %lld\n",(long long)ni->mft_no);
goto err_out;
}
name = ntfs_ucsndup(name, name_len);
if (!name)
goto err_out;