diff options
| author | Theodore Ts'o <tytso@mit.edu> | 1999-06-22 03:17:45 +0000 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 1999-06-22 03:17:45 +0000 |
| commit | 813bbb25a24ebba5177da18be413ea742efe5a8a (patch) | |
| tree | 6915ee3174db3d331f5c2a6355975139d805da3f /lib/ext2fs/dir_iterate.c | |
| parent | 08283b565e161e4abc1362ebe659dd6a6ec8f4c4 (diff) | |
| download | e2fsprogs-813bbb25a24ebba5177da18be413ea742efe5a8a.tar.gz | |
ChangeLog, dir_iterate.c:
dir_iterate.c (ext2fs_process_dir_block): Check for corrupted
directory entry before calling the callback function. This should
prevent some core dumps of insufficiently paranoid callback functions.
ChangeLog, unix.c:
unix.c (main): Add missing space in the disk write-protected message.
Diffstat (limited to 'lib/ext2fs/dir_iterate.c')
| -rw-r--r-- | lib/ext2fs/dir_iterate.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/ext2fs/dir_iterate.c b/lib/ext2fs/dir_iterate.c index 10a136a7..3fecf23f 100644 --- a/lib/ext2fs/dir_iterate.c +++ b/lib/ext2fs/dir_iterate.c @@ -98,6 +98,12 @@ int ext2fs_process_dir_block(ext2_filsys fs, while (offset < fs->blocksize) { dirent = (struct ext2_dir_entry *) (ctx->buf + offset); + if (((offset + dirent->rec_len) > fs->blocksize) || + (dirent->rec_len < 8) || + (((dirent->name_len & 0xFF)+8) > dirent->rec_len)) { + ctx->errcode = EXT2_ET_DIR_CORRUPTED; + return BLOCK_ABORT; + } if (!dirent->inode && !(ctx->flags & DIRENT_FLAG_INCLUDE_EMPTY)) goto next; @@ -120,12 +126,6 @@ int ext2fs_process_dir_block(ext2_filsys fs, break; } next: - if (((offset + dirent->rec_len) > fs->blocksize) || - (dirent->rec_len < 8) || - (((dirent->name_len & 0xFF)+8) > dirent->rec_len)) { - ctx->errcode = EXT2_ET_DIR_CORRUPTED; - return BLOCK_ABORT; - } offset += dirent->rec_len; } |