rpms/dosfstools
6
0
Fork 0
Code Issues Pull Requests Releases Activity

- Bump to newer release

Browse Source 
- Fix numerous out-of-bound writes
This commit is contained in:
Lubomir Rintel 2009-12-06 11:39:52 +00:00
parent 67815e0014
commit 20f82bf492
6 changed files with 77 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cvsignore
View File

@ -1 +1 @@
dosfstools-3.0.1.tar.bz2
dosfstools-3.0.6.tar.bz2

67
dosfstools-3.0.6-bounds.patch Normal file
View File

@ -0,0 +1,67 @@
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 2 Dec 2009 22:49:11 +0100
Subject: [PATCH] Fix out-of bound writes
Firstly, packed attribute is added to the structure so that extension
is guarranteed to immediately follow name for the cross-name-extension
reads to succeed.
Secondly, writes into dir_entry->name that span through the extension as
well are split into two, so that FORTIFY_SOURCE's bound checking does
not abort dosfsck. There also was an off-by-one error in auto_rename()'s
sprintf().
diff -up dosfstools-3.0.6/src/check.c.bounds dosfstools-3.0.6/src/check.c
--- dosfstools-3.0.6/src/check.c.bounds 2009-10-04 09:15:58.000000000 +0200
+++ dosfstools-3.0.6/src/check.c 2009-12-06 12:32:42.922639364 +0100
@@ -131,7 +131,10 @@ loff_t alloc_rootdir_entry(DOS_FS *fs, D
}
memset(de,0,sizeof(DIR_ENT));
while (1) {
- sprintf(de->name,pattern,curr_num);
+ char expanded[12];
+ sprintf(expanded, pattern, curr_num);
+ memcpy(de->name+4, expanded, 4);
+ memcpy(de->ext, expanded+4, 3);
clu_num = fs->root_cluster;
i = 0;
offset2 = cluster_start(fs,clu_num);
@@ -349,8 +352,11 @@ static void auto_rename(DOS_FILE *file)
first = file->parent ? file->parent->first : root;
number = 0;
while (1) {
- sprintf(file->dir_ent.name, "FSCK%04d", number / 1000);
- sprintf(file->dir_ent.ext, "%03d", number % 1000);
+ char num[8];
+ sprintf(num, "%07d", number);
+ memcpy(file->dir_ent.name, "FSCK", 4);
+ memcpy(file->dir_ent.name+4, num, 4);
+ memcpy(file->dir_ent.ext, num+4, 3);
for (walk = first; walk; walk = walk->next)
if (walk != file && !strncmp(walk->dir_ent.name,file->dir_ent.
name,MSDOS_NAME)) break;
diff -up dosfstools-3.0.6/src/dosfsck.h.bounds dosfstools-3.0.6/src/dosfsck.h
--- dosfstools-3.0.6/src/dosfsck.h.bounds 2009-10-04 09:15:58.000000000 +0200
+++ dosfstools-3.0.6/src/dosfsck.h 2009-12-06 12:31:49.042643675 +0100
@@ -149,7 +149,7 @@ typedef struct {
__u16 starthi; /* High 16 bits of cluster in FAT32 */
__u16 time,date,start;/* time, date and first cluster */
__u32 size; /* file size (in bytes) */
-} DIR_ENT;
+} __attribute__ ((packed)) DIR_ENT;
typedef struct _dos_file {
DIR_ENT dir_ent;
diff -up dosfstools-3.0.6/src/mkdosfs.c.bounds dosfstools-3.0.6/src/mkdosfs.c
--- dosfstools-3.0.6/src/mkdosfs.c.bounds 2009-10-04 09:15:58.000000000 +0200
+++ dosfstools-3.0.6/src/mkdosfs.c 2009-12-06 12:31:49.048645872 +0100
@@ -1254,7 +1254,8 @@ setup_tables (void)
if ( memcmp(volume_name, " ", 11) )
{
struct msdos_dir_entry *de = &root_dir[0];
- memcpy(de->name, volume_name, 11);
+ memcpy(de->name, volume_name, 8);
+ memcpy(de->ext, volume_name+8, 3);
de->attr = ATTR_VOLUME;
ctime = localtime(&create_time);
de->time = CT_LE_W((unsigned short)((ctime->tm_sec >> 1) +

16
dosfstools-exit.patch
View File

@ -1,16 +0,0 @@
2009-01-30 Stepan Kasal <skasal@redhat.com>
* src/dosfslabel.c (main): After writing the label, exit code
should be 0.
diff -up dosfstools-3.0.1/src/dosfslabel.c.exit dosfstools-3.0.1/src/dosfslabel.c
--- dosfstools-3.0.1/src/dosfslabel.c.exit 2008-09-28 12:06:37.000000000 +0200
+++ dosfstools-3.0.1/src/dosfslabel.c 2009-01-30 14:28:47.000000000 +0100
@@ -122,5 +122,6 @@ int main(int argc, char *argv[])
}
write_label(&fs, label);
- return fs_close(rw) ? 1 : 0;
+ fs_close(rw);
+ return 0;
}

20
dosfstools-install-p.patch
View File

@ -1,20 +0,0 @@
2009-01-30 Stepan Kasal <skasal@redhat.com>
* Makefile: Do not clobber time stamps of doc files.
--- dosfstools-3.0.1/Makefile.p 2008-09-28 12:06:37.000000000 +0200
+++ dosfstools-3.0.1/Makefile 2009-01-30 12:25:59.000000000 +0100
@@ -58,11 +58,11 @@
install-doc:
install -d -m 0755 $(DESTDIR)/$(DOCDIR)/dosfstools
- install -m 0644 doc/* $(DESTDIR)/$(DOCDIR)/dosfstools
+ install -p -m 0644 doc/* $(DESTDIR)/$(DOCDIR)/dosfstools
install-man:
install -d -m 0755 $(DESTDIR)/$(MANDIR)/man8
- install -m 0644 man/*.8 $(DESTDIR)/$(MANDIR)/man8
+ install -p -m 0644 man/*.8 $(DESTDIR)/$(MANDIR)/man8
ln -sf dosfsck.8 $(DESTDIR)/$(MANDIR)/man8/fsck.msdos.8
ln -sf dosfsck.8 $(DESTDIR)/$(MANDIR)/man8/fsck.vfat.8

15
dosfstools.spec
View File

@ -1,7 +1,7 @@
Name: dosfstools
Summary: Utilities for making and checking MS-DOS FAT filesystems on Linux
Version: 3.0.1
Release: 6%{?dist}
Version: 3.0.6
Release: 1%{?dist}
License: GPLv3+
Group: Applications/System
Source0: http://www.daniel-baumann.ch/software/dosfstools/%{name}-%{version}.tar.bz2
@ -11,9 +11,7 @@ Obsoletes: mkdosfs-ygg
Provides: mkdosfs-ygg = %{version}
# Mailed to Daniel Baumann
Patch0: dosfstools-install-p.patch
# Mailed to Daniel Baumann
Patch1: dosfstools-exit.patch
Patch0: dosfstools-3.0.6-bounds.patch
%description
The dosfstools package includes the mkdosfs and dosfsck utilities,
@ -22,8 +20,7 @@ drives or on floppies.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch0 -p1 -b .bounds
%build
make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
@ -42,6 +39,10 @@ rm -rf %{buildroot}
%{_mandir}/man8/*
%changelog
* Sun Dec 06 2009 Lubomir Rintel <lkundrak@v3.sk> - 3.0.6-1
- Bump to newer release
- Fix numerous out-of-bound writes
* Mon Aug 10 2009 Ville Skyttä <ville.skytta@iki.fi> - 3.0.1-6
- Use bzipped upstream tarball.

2
sources
View File

@ -1 +1 @@
b8ed17de873367a1782f85c661563411 dosfstools-3.0.1.tar.bz2
ae64c11d3963cd49758aba2854a60b6e dosfstools-3.0.6.tar.bz2