[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
PR/45285 CVS commit: src/usr.sbin/makefs
The following reply was made to PR bin/45285; it has been noted by GNATS.
From: "Christos Zoulas" <christos%netbsd.org@localhost>
Subject: PR/45285 CVS commit: src/usr.sbin/makefs
Date: Tue, 23 Aug 2011 13:09:11 -0400
Module Name: src
Committed By: christos
Date: Tue Aug 23 17:09:11 UTC 2011
PR/45285: Martin Matuska: makefs does not properly convert ISO level 1 and 2
filenames (buffer overflow)
makefs does not properly verify the maximum filename length in the
special "." case for both ISO level 1 and ISO level 2 filename
conversion. This creates broken images or causes a buffer overflow
(ISO level 2).
ISO level 1:
If a filename contains only dots or up to 8 characters followed by
dots the 8+3 limit check doesn't work.
ISO level 2:
If a filename contains a dot in the first 30 characters and a dot
on the 30th character, the length limit check doesn't work and the
buffer is overflowed.
$ mkdir level1
$ touch level1/12345............
$ makefs -t cd9660 -o isolevel=1 test.iso level1
$ mkdir level2
$ touch level2/1234567890.2345678901234567.....34567890123456789012345
$ makefs -t cd9660 -o isolevel=2 test.iso level2
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 src/usr.sbin/makefs/cd9660.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Main Index |
Thread Index |