[PATCH] fat: Fix for invalid cluster sizes
Sebastian Huber
sebastian.huber at embedded-brains.de
Thu May 19 09:55:05 UTC 2016
A cluster size > 32KiB resulted in an infinite loop in
fat_init_volume_info() due to an integer overflow.
Close #2717.
---
cpukit/libfs/src/dosfs/fat.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/cpukit/libfs/src/dosfs/fat.c b/cpukit/libfs/src/dosfs/fat.c
index 59f5309..2176ff3 100644
--- a/cpukit/libfs/src/dosfs/fat.c
+++ b/cpukit/libfs/src/dosfs/fat.c
@@ -574,12 +574,14 @@ fat_init_volume_info(fat_fs_info_t *fs_info, const char *device)
/*
* "bytes per cluster" value greater than 32K is invalid
*/
- if ((vol->bpc = vol->bps << vol->spc_log2) > MS_BYTES_PER_CLUSTER_LIMIT)
+ if (vol->bps > (MS_BYTES_PER_CLUSTER_LIMIT >> vol->spc_log2))
{
close(vol->fd);
rtems_set_errno_and_return_minus_one(EINVAL);
}
+ vol->bpc = vol->bps << vol->spc_log2;
+
for (vol->bpc_log2 = 0, i = vol->bpc; (i & 1) == 0;
i >>= 1, vol->bpc_log2++);
--
1.8.4.5
More information about the devel
mailing list