NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/45285 CVS commit: src/usr.sbin/makefs

The following reply was made to PR bin/45285; it has been noted by GNATS.

From: "Christos Zoulas" <>
Subject: PR/45285 CVS commit: src/usr.sbin/makefs
Date: Tue, 23 Aug 2011 13:09:11 -0400

 Module Name:   src
 Committed By:  christos
 Date:          Tue Aug 23 17:09:11 UTC 2011
 Modified Files:
        src/usr.sbin/makefs: cd9660.c
 Log Message:
 PR/45285: Martin Matuska: makefs does not properly convert ISO level 1 and 2
 filenames (buffer overflow)
 makefs does not properly verify the maximum filename length in the
 special "." case for both ISO level 1 and ISO level 2 filename
 conversion.  This creates broken images or causes a buffer overflow
 (ISO level 2).
 ISO level 1:
 If a filename contains only dots or up to 8 characters followed by
 dots the 8+3 limit check doesn't work.
 ISO level 2:
 If a filename contains a dot in the first 30 characters and a dot
 on the 30th character, the length limit check doesn't work and the
 buffer is overflowed.
 $ mkdir level1
 $ touch level1/12345............
 $ makefs -t cd9660 -o isolevel=1 test.iso level1
 $ mkdir level2
 $ touch level2/1234567890.2345678901234567.....34567890123456789012345
 $ makefs -t cd9660 -o isolevel=2 test.iso level2
 To generate a diff of this commit:
 cvs rdiff -u -r1.31 -r1.32 src/usr.sbin/makefs/cd9660.c
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index