tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-09-26 02:58:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ext4Pkg: Skip zero-sized extents

Browse Source 
Zero-sized extents should not be cached nor considered valid, as they
have no meaning. As such, reject them outright when caching extents.
This makes it so callers do not need to check for ee_len = 0 before
using the result, which, if not done, can result in possible infinite
loops.

Cc: Marvin Häuser <mhaeuser@posteo.de>
Fixes: d9ceedca6c8f ("Ext4Pkg: Add Ext4Dxe driver.")
Reported-by: Savva Mitrofanov <savvamtr@gmail.com>
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
This commit is contained in:
Pedro Falcato 2023-05-23 23:27:12 +01:00 committed by Mikhail Krichanov
parent b84aa16df8
commit 609600b7ee
1 changed files with 76 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
Ext4Pkg/Ext4Dxe/Extents.c
View File

@ -39,8 +39,11 @@ Ext4CalculateExtentChecksum (
@param[in] File Pointer to the open file. @param[in] File Pointer to the open file.
@param[in] Extents Pointer to an array of extents. @param[in] Extents Pointer to an array of extents.
@param[in] NumberExtents Length of the array. @param[in] NumberExtents Length of the array.
@return Result of the caching
**/ **/
VOID STATIC
EFI_STATUS
Ext4CacheExtents ( Ext4CacheExtents (
IN EXT4_FILE *File, IN EXT4_FILE *File,
IN CONST EXT4_EXTENT *Extents, IN CONST EXT4_EXTENT *Extents,
@ -283,7 +286,13 @@ Ext4GetExtent (
Status = Ext4GetBlocks (Partition, File, (UINT32)LogicalBlock, Extent); Status = Ext4GetBlocks (Partition, File, (UINT32)LogicalBlock, Extent);
if (!EFI_ERROR (Status)) { if (!EFI_ERROR (Status)) {
Ext4CacheExtents (File, Extent, 1); Status = Ext4CacheExtents (File, Extent, 1);
if (EFI_ERROR (Status) && (Status != EFI_OUT_OF_RESOURCES)) {
return Status;
}
Status = EFI_SUCCESS;
} }
return Status; return Status;
@ -363,7 +372,15 @@ Ext4GetExtent (
* by linux (and possibly other systems) is quite fancy and usually it results in a small number of extents. * by linux (and possibly other systems) is quite fancy and usually it results in a small number of extents.
* Therefore, we shouldn't have any memory issues. * Therefore, we shouldn't have any memory issues.
**/ **/
Ext4CacheExtents (File, (EXT4_EXTENT *)(ExtHeader + 1), ExtHeader->eh_entries); Status = Ext4CacheExtents (File, (EXT4_EXTENT *)(ExtHeader + 1), ExtHeader->eh_entries);
if (EFI_ERROR (Status) && (Status != EFI_OUT_OF_RESOURCES)) {
if (Buffer != NULL) {
FreePool (Buffer);
}
return Status;
}
Ext = Ext4BinsearchExtentExt (ExtHeader, LogicalBlock); Ext = Ext4BinsearchExtentExt (ExtHeader, LogicalBlock);
@ -519,8 +536,11 @@ Ext4FreeExtentsMap (
@param[in] File Pointer to the open file. @param[in] File Pointer to the open file.
@param[in] Extents Pointer to an array of extents. @param[in] Extents Pointer to an array of extents.
@param[in] NumberExtents Length of the array. @param[in] NumberExtents Length of the array.
@return Result of the caching
**/ **/
VOID STATIC
EFI_STATUS
Ext4CacheExtents ( Ext4CacheExtents (
IN EXT4_FILE *File, IN EXT4_FILE *File,
IN CONST EXT4_EXTENT *Extents, IN CONST EXT4_EXTENT *Extents,
@ -536,10 +556,15 @@ Ext4CacheExtents (
*/ */
for (Idx = 0; Idx < NumberExtents; Idx++, Extents++) { for (Idx = 0; Idx < NumberExtents; Idx++, Extents++) {
if (Extents->ee_len == 0) {
// 0-sized extent, must be corruption
return EFI_VOLUME_CORRUPTED;
}
Extent = AllocatePool (sizeof (EXT4_EXTENT)); Extent = AllocatePool (sizeof (EXT4_EXTENT));
if (Extent == NULL) { if (Extent == NULL) {
return; return EFI_OUT_OF_RESOURCES;
} }
CopyMem (Extent, Extents, sizeof (EXT4_EXTENT)); CopyMem (Extent, Extents, sizeof (EXT4_EXTENT));
@ -553,9 +578,11 @@ Ext4CacheExtents (
continue; continue;
} }
return; return EFI_SUCCESS;
} }
} }
return EFI_SUCCESS;
} }
/** /**