git: 9f4073d44628 - main - geom label msdosfs: sanity check BPB before using it for io request

Konstantin Belousov Fri, 07 Jan 2022 20:30:02 -0800

The branch main has been updated by kib:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=9f4073d44628bc70dbe67df5163266cbfbe37167


commit 9f4073d44628bc70dbe67df5163266cbfbe37167
Author:     Konstantin Belousov <[email protected]>
AuthorDate: 2021-12-30 13:17:59 +0000
Commit:     Konstantin Belousov <[email protected]>
CommitDate: 2022-01-08 03:41:44 +0000

    geom label msdosfs: sanity check BPB before using it for io request
    
    It must be greater than zero, and be multiple of the device block size.
    
    In collaboration with:  pho
    Reviewed by:    markj, mckusick
    Sponsored by:   The FreeBSD Foundation
    MFC after:      1 week
    Differential revision:  https://reviews.freebsd.org/D33721
---
 sys/geom/label/g_label_msdosfs.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sys/geom/label/g_label_msdosfs.c b/sys/geom/label/g_label_msdosfs.c
index 06d5f2a8e0f0..f138d1eda716 100644
--- a/sys/geom/label/g_label_msdosfs.c
+++ b/sys/geom/label/g_label_msdosfs.c
@@ -156,6 +156,12 @@ g_label_msdosfs_taste(struct g_consumer *cp, char *label, 
size_t size)
                G_LABEL_DEBUG(2,
                    "MSDOSFS: FAT_FirstDataSector=0x%x, FAT_BytesPerSector=%d",
                    fat_FirstDataSector, fat_BytesPerSector);
+               if (fat_BytesPerSector == 0 ||
+                   fat_BytesPerSector % pp->sectorsize != 0) {
+                       G_LABEL_DEBUG(1, "MSDOSFS: %s: corrupted BPB",
+                           pp->name);
+                       goto error;
+               }
 
                for (offset = fat_BytesPerSector * fat_FirstDataSector;;
                    offset += fat_BytesPerSector) {

git: 9f4073d44628 - main - geom label msdosfs: sanity check BPB before using it for io request

Reply via email to