[OpenBIOS] r546 - trunk/openbios-devel/modules

[svn at openbios.org]

Author: laurent
Date: 2009-08-10 22:18:27 +0200 (Mon, 10 Aug 2009)
New Revision: 546

Modified:
   trunk/openbios-devel/modules/disk-label.c
Log:
This patch modifies disk-label.c to not allow to read beyond 
the selected partition limits.

Signed-off-by: Laurent Vivier <Laurent at vivier.eu>



Modified: trunk/openbios-devel/modules/disk-label.c
===================================================================
--- trunk/openbios-devel/modules/disk-label.c	2009-08-10 19:57:43 UTC (rev 545)
+++ trunk/openbios-devel/modules/disk-label.c	2009-08-10 20:18:27 UTC (rev 546)
@@ -99,8 +99,8 @@
 		if( ph ) {
 			di->offs_hi = 0;
 			di->offs_lo = 0;
-			di->size_hi = -1;
-			di->size_lo = -1;
+			di->size_hi = 0;
+			di->size_lo = 0;
 			di->part_ih = 0;
 			di->type = -1;
 			di->block_size = 512;
@@ -174,7 +174,14 @@
 {
 	int ret, len = POP();
 	char *buf = (char*)POP();
+	llong pos = tell( di->fd );
+	ducell offs = ((ducell)di->offs_hi << BITS) | di->offs_lo;
+	ducell size = ((ducell)di->size_hi << BITS) | di->size_lo;
 
+	if (size && len > pos - offs + size) {
+		len = size - (pos - offs);
+	}
+
 	ret = read_io( di->fd, buf, len );
 	PUSH( ret );
 }
@@ -188,6 +195,7 @@
 	ducell offs = ((ducell)di->offs_hi << BITS) | di->offs_lo;
 	ducell size = ((ducell)di->size_hi << BITS) | di->size_lo;
 
+	DPRINTF("dlabel_seek %llx [%llx, %llx]\n", pos, offs, size);
 	if( pos != -1 )
 		pos += offs;
 	else if( size ) {
@@ -196,8 +204,12 @@
 	} else {
 		/* let parent handle the EOF seek. */
 	}
+	DPRINTF("dlabel_seek: 0x%llx\n", pos );
+	if (size && (pos - offs >= size )) {
+		PUSH(-1);
+		return;
+	}
 
-	DPRINTF("dlabel_seek: %x %08x\n", (int)(pos>>32), (int)pos );
 	ret = seek_io( di->fd, pos );
 	PUSH( ret );
 }