opengnsys
/
ntfs-3g
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Checked attributes layout against length actually used 

The end of the attributes must be checked against the space in use
rather than the allocated space. This contributes to the safety of
subsequent attribute resizing.
edge.strict_endians^2
Jean-Pierre André 2021-07-12 08:31:18 +02:00
parent ec7bf54377
commit 84478c4012
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libntfs-3g/attrib.c
View File

@ -2801,7 +2801,7 @@ static int ntfs_attr_find(const ATTR_TYPES type, const ntfschar *name,
* and we can safely access its minimal fields.
*/
offs = p2n(a) - p2n(ctx->mrec);
space = le32_to_cpu(ctx->mrec->bytes_allocated) - offs;
space = le32_to_cpu(ctx->mrec->bytes_in_use) - offs;
if ((offs < 0)
|| (((space < (ptrdiff_t)offsetof(ATTR_RECORD,
resident_end))
@ -3256,7 +3256,7 @@ do_next_attr_loop:
* and we can safely access its minimal fields.
*/
offs = p2n(a) - p2n(ctx->mrec);
space = le32_to_cpu(ctx->mrec->bytes_allocated) - offs;
space = le32_to_cpu(ctx->mrec->bytes_in_use) - offs;
if (offs < 0)
break;
if ((space >= 4) && (a->type == AT_END))