LGTM On Thu, Apr 20, 2023 at 8:00 PM Lidong Chen <lidong.c...@oracle.com> wrote: > > The invalid btree node size can cause crashes when parsing > the btree. The fix is to ensure the btree node size is within > the valid range defined in the HFS Plus techical note, TN1150. > > https://developer.apple.com/library/archive/technotes/tn/tn1150.html > > Signed-off-by: Lidong Chen <lidong.c...@oracle.com> > --- > grub-core/fs/hfsplus.c | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c > index 6337cbfcb..1ffebc8be 100644 > --- a/grub-core/fs/hfsplus.c > +++ b/grub-core/fs/hfsplus.c > @@ -84,6 +84,9 @@ struct grub_hfsplus_catfile > #define GRUB_HFSPLUS_FILEMODE_DIRECTORY 0040000 > #define GRUB_HFSPLUS_FILEMODE_SYMLINK 0120000 > > +#define HFSPLUS_BTNODE_MINSZ (1 << 9) > +#define HFSPLUS_BTNODE_MAXSZ (1 << 15) > + > /* Some pre-defined file IDs. */ > enum > { > @@ -584,6 +587,10 @@ grub_hfsplus_btree_search (struct grub_hfsplus_btree > *btree, > return 0; > } > > + if (btree->nodesize < HFSPLUS_BTNODE_MINSZ || > + btree->nodesize > HFSPLUS_BTNODE_MAXSZ) > + return grub_error (GRUB_ERR_BAD_FS, "invalid HFS+ btree node size"); > + > node = grub_malloc (btree->nodesize); > if (! node) > return grub_errno; > -- > 2.39.1 > > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel
-- Regards Vladimir 'phcoder' Serbinenko _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
