[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 0/5] fs/iso9660: Fix out-of-bounds read
From: |
Lidong Chen |
Subject: |
[PATCH v2 0/5] fs/iso9660: Fix out-of-bounds read |
Date: |
Wed, 18 Jan 2023 08:23:53 +0000 |
This is the v2 patches set which addressed the review comments
from Thomas Schmitt. Many thanks to Thomas for the review
comments as well as the detailed explanation and test instruction.
Patch 0005 is a new patch addressing an old bug pointed out
by Thomas. Thanks Thomas for providing the fix.
Thomas also pointed out the issue of the potential endless
loops by CE. Since the sugguested fix requires a bit more
investigation, and as Thomas pointed out that it should be
handled in a separate patch, the fix is not included in this
this v2 patches set. Because I am not an expert, it would
be better that someone else can work on it. For the background
info and the comments, please see this email. The bottom half
of the email addressed the endless loop issue:
https://www.mail-archive.com/grub-devel@gnu.org/msg35785.html
For the testing, it passed grub-fstest and make check. The fuzz
test (ran for 2 days) confirmed that the patches fixed the issues.
Lidong Chen (5):
fs/iso9660: Add check to prevent infinite loop
fs/iso9660: Prevent read past the end of system use area
fs/iso9660: Avoid reading past the entry boundary
fs/iso9660: Incorrect check for entry boundary
fs/iso9660: Prevent skipping CE or ST at start of continuation area
grub-core/fs/iso9660.c | 96 +++++++++++++++++++++++++++++++++++++++---
1 file changed, 89 insertions(+), 7 deletions(-)
--
2.35.1
- [PATCH v2 0/5] fs/iso9660: Fix out-of-bounds read,
Lidong Chen <=