CVS commit: src/sbin/fsck_msdos

Mon, 07 Jul 2014 10:56:19 -0700 

Module Name:    src
Committed By:   christos
Date:           Mon Jul  7 17:55:53 UTC 2014

Modified Files:
        src/sbin/fsck_msdos: fat.c

Log Message:
From: http://marc.info/?l=openbsd-tech&m=140275150804337&w=2
Avoid infinite loops in cluster chain linked lists.


To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 src/sbin/fsck_msdos/fat.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sbin/fsck_msdos/fat.c
diff -u src/sbin/fsck_msdos/fat.c:1.25 src/sbin/fsck_msdos/fat.c:1.26
--- src/sbin/fsck_msdos/fat.c:1.25	Mon Jul  7 13:45:42 2014
+++ src/sbin/fsck_msdos/fat.c	Mon Jul  7 13:55:53 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: fat.c,v 1.25 2014/07/07 17:45:42 christos Exp $	*/
+/*	$NetBSD: fat.c,v 1.26 2014/07/07 17:55:53 christos Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997 Wolfgang Solfrank
@@ -28,7 +28,7 @@
 
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: fat.c,v 1.25 2014/07/07 17:45:42 christos Exp $");
+__RCSID("$NetBSD: fat.c,v 1.26 2014/07/07 17:55:53 christos Exp $");
 #endif /* not lint */
 
 #include <stdlib.h>
@@ -413,10 +413,10 @@ checkfat(struct bootblock *boot, struct 
 			continue;
 
 		/* follow the chain to its end (hopefully) */
-		for (p = head;
+		for (len = fat[head].length, p = head;
 		     (n = fat[p].next) >= CLUST_FIRST && n < boot->NumClusters;
 		     p = n)
-			if (fat[n].head != head)
+			if (fat[n].head != head || len-- < 2)
 				break;
 		if (n >= CLUST_EOFS)
 			continue;
@@ -424,14 +424,20 @@ checkfat(struct bootblock *boot, struct 
 		if (n == CLUST_FREE || n >= CLUST_RSRVD) {
 			pwarn("Cluster chain starting at %u ends with cluster marked %s\n",
 			      head, rsrvdcltype(n));
+clear:
 			ret |= tryclear(boot, fat, head, &fat[p].next);
 			continue;
 		}
 		if (n < CLUST_FIRST || n >= boot->NumClusters) {
 			pwarn("Cluster chain starting at %u ends with cluster out of range (%u)\n",
-			      head, n);
-			ret |= tryclear(boot, fat, head, &fat[p].next);
-			continue;
+			    head, n);
+			goto clear;
+		}
+		if (head == fat[n].head) {
+			pwarn("Cluster chain starting at %u loops at cluster %u\n",
+			
+			    head, p);
+			goto clear;
 		}
 		pwarn("Cluster chains starting at %u and %u are linked at cluster %u\n",
 		      head, fat[n].head, n);

Reply via email to