Blame SOURCES/0006-handle-Check-that-pages-do-not-extend-beyond-the-end.patch
|
 |
c1e277 |
From 5c718aab579d693ea3169ab4d29b5c3bc9105aa1 Mon Sep 17 00:00:00 2001
|
|
|
c1e277 |
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
|
c1e277 |
Date: Thu, 30 Oct 2014 14:02:25 +0000
|
|
|
c1e277 |
Subject: [PATCH 06/12] handle: Check that pages do not extend beyond the end
|
|
|
c1e277 |
of the file.
|
|
|
c1e277 |
|
|
|
c1e277 |
Thanks: Mahmoud Al-Qudsi
|
|
|
c1e277 |
(cherry picked from commit 4bbdf555f88baeae0fa804a369a81a83908bd705)
|
|
|
c1e277 |
---
|
|
|
c1e277 |
lib/handle.c | 7 +++++++
|
|
|
c1e277 |
1 file changed, 7 insertions(+)
|
|
|
c1e277 |
|
|
|
c1e277 |
diff --git a/lib/handle.c b/lib/handle.c
|
|
|
c1e277 |
index a3cbcf7..3a8f09b 100644
|
|
|
c1e277 |
--- a/lib/handle.c
|
|
|
c1e277 |
+++ b/lib/handle.c
|
|
|
c1e277 |
@@ -247,6 +247,13 @@ hivex_open (const char *filename, int flags)
|
|
|
c1e277 |
goto error;
|
|
|
c1e277 |
}
|
|
|
c1e277 |
|
|
|
c1e277 |
+ if (off + page_size > h->size) {
|
|
|
c1e277 |
+ SET_ERRNO (ENOTSUP,
|
|
|
c1e277 |
+ "%s: page size %zu at 0x%zx extends beyond end of file, bad registry",
|
|
|
c1e277 |
+ filename, page_size, off);
|
|
|
c1e277 |
+ goto error;
|
|
|
c1e277 |
+ }
|
|
|
c1e277 |
+
|
|
|
c1e277 |
/* Read the blocks in this page. */
|
|
|
c1e277 |
size_t blkoff;
|
|
|
c1e277 |
struct ntreg_hbin_block *block;
|
|
|
c1e277 |
--
|
|
|
c1e277 |
1.8.3.1
|
|
|
c1e277 |
|