41 lines
1.4 KiB
Diff
41 lines
1.4 KiB
Diff
From 0cf52fc4a03db3c59ad31bde4e9a28b5642086dc Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
|
|
Date: Tue, 26 Sep 2023 00:27:22 +0200
|
|
Subject: [PATCH] libblkid: (ntfs) validate that sector_size is a power of two
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
The NTFS prober reads data based off an offset of the sector size.
|
|
If the sector size is unaligned and the read data is cached then other
|
|
probers can read unaligned values.
|
|
|
|
Sector sizes for NTFS actually only make sense as power-of-two so
|
|
validate that and as a sideeffect avoid the unaligned reads.
|
|
|
|
Also add the reproducer from OSS-Fuzz that found this issue.
|
|
|
|
Fixes #2509
|
|
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
---
|
|
libblkid/src/superblocks/ntfs.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/libblkid/src/superblocks/ntfs.c b/libblkid/src/superblocks/ntfs.c
|
|
index dced699..0c4f297 100644
|
|
--- a/libblkid/src/superblocks/ntfs.c
|
|
+++ b/libblkid/src/superblocks/ntfs.c
|
|
@@ -97,7 +97,7 @@ static int __probe_ntfs(blkid_probe pr, const struct blkid_idmag *mag, int save_
|
|
*/
|
|
sector_size = le16_to_cpu(ns->bpb.sector_size);
|
|
|
|
- if (sector_size < 256 || sector_size > 4096)
|
|
+ if (sector_size < 256 || sector_size > 4096 || !is_power_of_2(sector_size))
|
|
return 1;
|
|
|
|
switch (ns->bpb.sectors_per_cluster) {
|
|
--
|
|
2.33.0
|
|
|