rpms / gdisk

Clone
Source Code
GIT

Blame SOURCES/gdisk-CVE-2020-0256.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c8s
  2.   SOURCES
  3.   gdisk-CVE-2020-0256.patch
Blob History Raw
d8f8be 
From e44306f00bd12f4dca2db20eaba103ff2f260d87 Mon Sep 17 00:00:00 2001
d8f8be 
From: Rod Smith <rodsmith@rodsbooks.com>
d8f8be 
Date: Mon, 14 Sep 2020 10:08:18 -0400
d8f8be 
Subject: [PATCH 1/2] Fix segfault on some weird data structures
d8f8be
d8f8be 
---
d8f8be 
 gpt.cc | 13 ++++++++++++-
d8f8be 
 1 file changed, 12 insertions(+), 1 deletion(-)
d8f8be
d8f8be 
diff --git a/gpt.cc b/gpt.cc
d8f8be 
index 03a2156..d0242d3 100644
d8f8be 
--- a/gpt.cc
d8f8be 
+++ b/gpt.cc
d8f8be 
@@ -983,6 +983,14 @@ int GPTData::LoadHeader(struct GPTHeader *header, DiskIO & disk, uint64_t sector
d8f8be 
    } // if
d8f8be 
    *crcOk = CheckHeaderCRC(&tempHeader);
d8f8be
d8f8be 
+   if (tempHeader.sizeOfPartitionEntries != sizeof(GPTPart)) {
d8f8be 
+       cerr << "Warning: Partition table header claims that the size of partition table\n";
d8f8be 
+       cerr << "entries is " << tempHeader.sizeOfPartitionEntries << " bytes, but this program ";
d8f8be 
+       cerr << " supports only " << sizeof(GPTPart) << "-byte entries.\n";
d8f8be 
+       cerr << "Adjusting accordingly, but partition table may be garbage.\n";
d8f8be 
+       tempHeader.sizeOfPartitionEntries = sizeof(GPTPart);
d8f8be 
+   }
d8f8be 
+
d8f8be 
    if (allOK && (numParts != tempHeader.numParts) && *crcOk) {
d8f8be 
       allOK = SetGPTSize(tempHeader.numParts, 0);
d8f8be 
    }
d8f8be 
@@ -1000,7 +1008,10 @@ int GPTData::LoadPartitionTable(const struct GPTHeader & header, DiskIO & disk,
d8f8be 
    uint32_t sizeOfParts, newCRC;
d8f8be 
    int retval;
d8f8be
d8f8be 
-   if (disk.OpenForRead()) {
d8f8be 
+   if (header.sizeOfPartitionEntries != sizeof(GPTPart)) {
d8f8be 
+      cerr << "Error! GPT header contains invalid partition entry size!\n";
d8f8be 
+      retval = 0;
d8f8be 
+   } else if (disk.OpenForRead()) {
d8f8be 
       if (sector == 0) {
d8f8be 
          retval = disk.Seek(header.partitionEntriesLBA);
d8f8be 
       } else {
d8f8be 
--
d8f8be 
2.35.1
d8f8be

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation