Module Name: src
Committed By: christos
Date: Tue Aug 23 17:09:11 UTC 2011
Modified Files:
src/usr.sbin/makefs: cd9660.c
Log Message:
PR/45285: Martin Matuska: makefs does not properly convert ISO level 1 and 2
filenames (buffer overflow)
makefs does not properly verify the maximum filename length in the
special "." case for both ISO level 1 and ISO level 2 filename
conversion. This creates broken images or causes a buffer overflow
(ISO level 2).
ISO level 1:
If a filename contains only dots or up to 8 characters followed by
dots the 8+3 limit check doesn't work.
ISO level 2:
If a filename contains a dot in the first 30 characters and a dot
on the 30th character, the length limit check doesn't work and the
buffer is overflowed.
$ mkdir level1
$ touch level1/12345............
$ makefs -t cd9660 -o isolevel=1 test.iso level1
$ mkdir level2
$ touch level2/1234567890.2345678901234567.....34567890123456789012345
$ makefs -t cd9660 -o isolevel=2 test.iso level2
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 src/usr.sbin/makefs/cd9660.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
