From cd80a4fe611d7cb4153a6ed39d1e5052c702fb12 Mon Sep 17 00:00:00 2001
From: Patrick Wildt
Date: Mon, 26 Nov 2018 15:56:57 +0100
Subject: fs: check FAT cluster size
The cluster size specifies how many sectors make up a cluster. A cluster size of zero makes no sense, as it would mean that the cluster is made up of no sectors. This will later lead into a division by zero in sect_to_clust(), so better take care of that early. The MAX_CLUSTSIZE define can reduced using a define to make some room in low-memory system. Unfortunately if the code reads a filesystem with a bigger cluster size it will overflow the buffer.
Signed-off-by: Patrick Wildt
---
fs/fat/fat.c | 11 +++++++++++
1 file changed, 11 insertions(+)
(limited to 'fs')
diff --git a/fs/fat/fat.c b/fs/fat/fat.c
index 4bc3030ab8..e0c076763f 100644
--- a/fs/fat/fat.c
+++ b/fs/fat/fat.c
@@ -571,6 +571,17 @@ static int get_fs_info(fsdata *mydata)
 mydata->sect_size, cur_part_info.blksz);
 return -1;
 }
+ if (mydata->clust_size == 0) {
+ printf("Error: FAT cluster size not set\n");
+ return -1;
+ }
+ if ((unsigned int)mydata->clust_size * mydata->sect_size >
+ MAX_CLUSTSIZE) {
+ printf("Error: FAT cluster size too big (cs=%u, max=%u)\n",
+ (unsigned int)mydata->clust_size * mydata->sect_size,
+ MAX_CLUSTSIZE);
+ return -1;
+ }
 if (mydata->fatsize == 32) {
 mydata->data_begin = mydata->rootdir_sect -
-- 
cgit v1.2.3
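Review bot: A sectors-per-cluster value that is not a power of two (3, say) still passes both new checks in get_fs_info(), although the FAT on-disk format only allows 1, 2, 4 … 128 in that field. Since the value is read from the filesystem being mounted, a further guard at the same point, such as `if (mydata->clust_size & (mydata->clust_size - 1)) return -1;`, would reject such a boot sector before any cluster arithmetic runs. Whether later code depends on a power-of-two cluster size cannot be seen from this hunk, so treat this as hardening rather than a confirmed fault. The byte size `(unsigned int)mydata->clust_size * mydata->sect_size` is also written out twice, in the comparison and in the printf arguments; computing it once into a local would keep the bound and the message from drifting apart. The body of get_fs_info() begins and ends outside the hunk.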