Jim Meyering
2009-Nov-03 17:55 UTC
[Libguestfs] [PATCH libguestfs] hivex: fail upon integer overflow
This is probably only theoretical, but just the same...>From 29edcca195d2998ca4a54aacec261752a3bdeb3d Mon Sep 17 00:00:00 2001From: Jim Meyering <meyering at redhat.com> Date: Tue, 3 Nov 2009 18:50:23 +0100 Subject: [PATCH libguestfs] hivex: fail upon integer overflow * hivex/hivex.c (windows_utf16_to_utf8): Avoid overflow and a potential infloop. --- hivex/hivex.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/hivex/hivex.c b/hivex/hivex.c index b522ccf..9c28679 100644 --- a/hivex/hivex.c +++ b/hivex/hivex.c @@ -1031,9 +1031,12 @@ windows_utf16_to_utf8 (/* const */ char *input, size_t len) size_t r = iconv (ic, &inp, &inlen, &outp, &outlen); if (r == (size_t) -1) { if (errno == E2BIG) { + size_t prev = outalloc; /* Try again with a larger output buffer. */ free (out); outalloc *= 2; + if (outalloc < prev) + return NULL goto again; } else { -- 1.6.5.2.292.g1cda2
Richard W.M. Jones
2009-Nov-04 11:38 UTC
[Libguestfs] [PATCH libguestfs] hivex: fail upon integer overflow
On Tue, Nov 03, 2009 at 06:55:21PM +0100, Jim Meyering wrote:> This is probably only theoretical, but just the same...Thanks Jim, I pushed it: http://git.et.redhat.com/?p=libguestfs.git;a=commitdiff;h=ef642eb4e3bb278b5df14fbcf30403e3d30dcef3 Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones New in Fedora 11: Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 70 libraries supprt'd http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw
Reasonably Related Threads
- Fwd: [PATCH hivex] non-ASCII characters in node names
- [hivex] [PATCH 2/2] hivex: Expose embedded hive file name
- [PATCH v3 1/2] common: extract UTF-8 conversion function
- hivex: some issues (key encoding, ...) and suggested fixes
- [hivex] [PATCH 1/2] hivex: Expose hive major and minor version