diff options
| author | Toomas Soome <tsoome@me.com> | 2019-12-13 10:00:19 +0200 |
|---|---|---|
| committer | Toomas Soome <tsoome@me.com> | 2019-12-16 18:48:39 +0200 |
| commit | e58ba7f235f59e7b79c7d4ce4fb02b7adc47273e (patch) | |
| tree | 8e8945f38b00c9fa8f1949fd4edddda2a3908e5b | |
| parent | 8047359fa9aaaf6af13c81ce125afa018449661d (diff) | |
| download | illumos-joyent-e58ba7f235f59e7b79c7d4ce4fb02b7adc47273e.tar.gz | |
12074 loader: cd9660_open() warn: is 'buf' large enough for 'struct iso_primary_descriptor'?
Reviewed by: John Levon <john.levon@joyent.com>
Reviewed by: C Fraire <cfraire@me.com>
Approved by: Dan McDonald <danmcd@joyent.com>
| -rw-r--r-- | usr/src/boot/Makefile.version | 2 | ||||
| -rw-r--r-- | usr/src/boot/lib/libstand/cd9660.c | 8 | ||||
| -rw-r--r-- | usr/src/boot/sys/boot/i386/isoboot/cd9660read.c | 4 |
3 files changed, 8 insertions, 6 deletions
diff --git a/usr/src/boot/Makefile.version b/usr/src/boot/Makefile.version index 4438fcc738..21a55e3451 100644 --- a/usr/src/boot/Makefile.version +++ b/usr/src/boot/Makefile.version @@ -33,4 +33,4 @@ LOADER_VERSION = 1.1 # Use date like formatting here, YYYY.MM.DD.XX, without leading zeroes. # The version is processed from left to right, the version number can only # be increased. -BOOT_VERSION = $(LOADER_VERSION)-2019.12.16.1 +BOOT_VERSION = $(LOADER_VERSION)-2019.12.16.2 diff --git a/usr/src/boot/lib/libstand/cd9660.c b/usr/src/boot/lib/libstand/cd9660.c index 487b994408..a17146fce5 100644 --- a/usr/src/boot/lib/libstand/cd9660.c +++ b/usr/src/boot/lib/libstand/cd9660.c @@ -286,7 +286,7 @@ cd9660_open(const char *path, struct open_file *f) struct file *fp = NULL; void *buf; struct iso_primary_descriptor *vd; - size_t buf_size, read, dsize, off; + size_t read, dsize, off; daddr_t bno, boff; struct iso_directory_record rec; struct iso_directory_record *dp = NULL; @@ -294,7 +294,8 @@ cd9660_open(const char *path, struct open_file *f) bool isdir = false; /* First find the volume descriptor */ - buf = malloc(buf_size = ISO_DEFAULT_BLOCK_SIZE); + buf = malloc(MAX(ISO_DEFAULT_BLOCK_SIZE, + sizeof (struct iso_primary_descriptor))); vd = buf; for (bno = 16; ; bno++) { twiddle(1); @@ -438,8 +439,7 @@ cd9660_open(const char *path, struct open_file *f) return (0); out: - if (fp) - free(fp); + free(fp); free(buf); return (rc); diff --git a/usr/src/boot/sys/boot/i386/isoboot/cd9660read.c b/usr/src/boot/sys/boot/i386/isoboot/cd9660read.c index f1e43d7a74..5a4113421e 100644 --- a/usr/src/boot/sys/boot/i386/isoboot/cd9660read.c +++ b/usr/src/boot/sys/boot/i386/isoboot/cd9660read.c @@ -33,6 +33,7 @@ /* $NetBSD: cd9660.c,v 1.5 1997/06/26 19:11:33 drochner Exp $ */ #include <sys/cdefs.h> +#include <sys/param.h> #include <fs/cd9660/iso.h> #include <fs/cd9660/cd9660_rrip.h> @@ -222,7 +223,8 @@ dirmatch(const char *path, struct iso_directory_record *dp, int use_rrip, static uint64_t cd9660_lookup(const char *path) { - static char blkbuf[ISO_DEFAULT_BLOCK_SIZE]; + static char blkbuf[MAX(ISO_DEFAULT_BLOCK_SIZE, + sizeof (struct iso_primary_descriptor))]; struct iso_primary_descriptor *vd; struct iso_directory_record rec; struct iso_directory_record *dp = NULL; |