libburnia
/
libisofs
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Bug fix: Reading damaged Rock Ridge data could cause SIGSEGV by NULL.

This commit is contained in:
Thomas Schmitt 2013-01-11 16:22:14 +01:00
parent 6e5f840f11
commit 05e7f84966
4 changed files with 28 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,3 +1,8 @@
bzr branch lp:libisofs/for-libisoburn (to become libisofs-1.2.8.tar.gz)
===============================================================================
- no novelties yet -
libisofs-1.2.6.tar.gz Tue Jan 08 2013 libisofs-1.2.6.tar.gz Tue Jan 08 2013
=============================================================================== ===============================================================================
* Bug fix: Appended partitions did not obey cylinder alignment * Bug fix: Appended partitions did not obey cylinder alignment

49
libisofs/fs_image.c
View File

@ -2857,9 +2857,9 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
{ {
int ret, idx, to_copy; int ret, idx, to_copy;
struct stat info; struct stat info;
IsoNode *new; IsoNode *new = NULL;
IsoBoot *bootcat; IsoBoot *bootcat;
char *name; char *name = NULL;
char *dest = NULL; char *dest = NULL;
ImageFileSourceData *data; ImageFileSourceData *data;
_ImageFsData *fsdata; _ImageFsData *fsdata;
@ -2887,7 +2887,6 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
goto ex; goto ex;
} }
new = NULL;
switch (info.st_mode & S_IFMT) { switch (info.st_mode & S_IFMT) {
case S_IFREG: case S_IFREG:
{ {
@ -2901,9 +2900,8 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
"More than one catalog node has been found. " "More than one catalog node has been found. "
"We can continue, but that could lead to " "We can continue, but that could lead to "
"problems"); "problems");
if (ret < 0) { if (ret < 0)
goto ex; goto ex;
}
iso_node_unref((IsoNode*)image->bootcat->node); iso_node_unref((IsoNode*)image->bootcat->node);
} }
@ -2911,9 +2909,7 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
* a regular file */ * a regular file */
new = calloc(1, sizeof(IsoBoot)); new = calloc(1, sizeof(IsoBoot));
if (new == NULL) { if (new == NULL) {
ret = ISO_OUT_OF_MEM; ret = ISO_OUT_OF_MEM; goto ex;
free(name);
goto ex;
} }
bootcat = (IsoBoot *) new; bootcat = (IsoBoot *) new;
bootcat->lba = data->sections[0].block; bootcat->lba = data->sections[0].block;
@ -2924,10 +2920,7 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
if (bootcat->size > 0) { if (bootcat->size > 0) {
bootcat->content = calloc(1, bootcat->size); bootcat->content = calloc(1, bootcat->size);
if (bootcat->content == NULL) { if (bootcat->content == NULL) {
ret = ISO_OUT_OF_MEM; ret = ISO_OUT_OF_MEM; goto ex;
free(name);
free(new);
goto ex;
} }
to_copy = bootcat->size; to_copy = bootcat->size;
if (bootcat->size > fsdata->catsize) if (bootcat->size > fsdata->catsize)
@ -2944,16 +2937,14 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
IsoFile *file; IsoFile *file;
ret = iso_file_source_stream_new(src, &stream); ret = iso_file_source_stream_new(src, &stream);
if (ret < 0) { if (ret < 0)
free(name);
goto ex; goto ex;
}
/* take a ref to the src, as stream has taken our ref */ /* take a ref to the src, as stream has taken our ref */
iso_file_source_ref(src); iso_file_source_ref(src);
file = calloc(1, sizeof(IsoFile)); file = calloc(1, sizeof(IsoFile));
if (file == NULL) { if (file == NULL) {
free(name);
iso_stream_unref(stream); iso_stream_unref(stream);
{ret = ISO_OUT_OF_MEM; goto ex;} {ret = ISO_OUT_OF_MEM; goto ex;}
} }
@ -2977,7 +2968,6 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
data->block_size_log2, data->block_size_log2,
data->uncompressed_size, 0); data->uncompressed_size, 0);
if (ret < 0) { if (ret < 0) {
free(name);
iso_stream_unref(stream); iso_stream_unref(stream);
goto ex; goto ex;
} }
@ -3008,7 +2998,6 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
ret = iso_msg_submit(image->id, ISO_EL_TORITO_WARN, 0, ret = iso_msg_submit(image->id, ISO_EL_TORITO_WARN, 0,
"More than one ISO node has been found for the same boot image."); "More than one ISO node has been found for the same boot image.");
if (ret < 0) { if (ret < 0) {
free(name);
iso_stream_unref(stream); iso_stream_unref(stream);
goto ex; goto ex;
} }
@ -3026,7 +3015,6 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
/* source is a directory */ /* source is a directory */
new = calloc(1, sizeof(IsoDir)); new = calloc(1, sizeof(IsoDir));
if (new == NULL) { if (new == NULL) {
free(name);
{ret = ISO_OUT_OF_MEM; goto ex;} {ret = ISO_OUT_OF_MEM; goto ex;}
} }
new->type = LIBISO_DIR; new->type = LIBISO_DIR;
@ -3042,12 +3030,10 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
ret = iso_file_source_readlink(src, dest, LIBISOFS_NODE_PATH_MAX); ret = iso_file_source_readlink(src, dest, LIBISOFS_NODE_PATH_MAX);
if (ret < 0) { if (ret < 0) {
free(name);
goto ex; goto ex;
} }
link = calloc(1, sizeof(IsoSymlink)); link = calloc(1, sizeof(IsoSymlink));
if (link == NULL) { if (link == NULL) {
free(name);
{ret = ISO_OUT_OF_MEM; goto ex;} {ret = ISO_OUT_OF_MEM; goto ex;}
} }
link->dest = strdup(dest); link->dest = strdup(dest);
@ -3068,8 +3054,7 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
IsoSpecial *special; IsoSpecial *special;
special = calloc(1, sizeof(IsoSpecial)); special = calloc(1, sizeof(IsoSpecial));
if (special == NULL) { if (special == NULL) {
free(name); ret = ISO_OUT_OF_MEM; goto ex;
{ret = ISO_OUT_OF_MEM; goto ex;}
} }
special->dev = info.st_rdev; special->dev = info.st_rdev;
special->node.type = LIBISO_SPECIAL; special->node.type = LIBISO_SPECIAL;
@ -3080,11 +3065,12 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
new->refcount = 0; new->refcount = 0;
} }
break; break;
default:
ret = ISO_BAD_ISO_FILETYPE; goto ex;
} }
/* fill fields */ /* fill fields */
new->refcount++; new->refcount++;
new->name = name; new->name = name; name = NULL;
new->mode = info.st_mode; new->mode = info.st_mode;
new->uid = info.st_uid; new->uid = info.st_uid;
new->gid = info.st_gid; new->gid = info.st_gid;
@ -3099,7 +3085,7 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
ret = src_aa_to_node(src, new, 0); ret = src_aa_to_node(src, new, 0);
if (ret < 0) { if (ret < 0) {
goto failure; goto ex;
} }
/* Attach ino as xinfo if valid and no IsoStream is involved */ /* Attach ino as xinfo if valid and no IsoStream is involved */
@ -3107,18 +3093,17 @@ int image_builder_create_node(IsoNodeBuilder *builder, IsoImage *image,
!fsdata->make_new_ino) { !fsdata->make_new_ino) {
ret = iso_node_set_ino(new, info.st_ino, 0); ret = iso_node_set_ino(new, info.st_ino, 0);
if (ret < 0) if (ret < 0)
goto failure; goto ex;
} }
*node = new; *node = new; new = NULL;
{ret = ISO_SUCCESS; goto ex;} {ret = ISO_SUCCESS; goto ex;}
failure:; ex:;
/* todo: stuff any possible memory leak here */
if (name != NULL) if (name != NULL)
free(name); free(name);
free(new); if (new != NULL)
ex:; iso_node_unref(new);
LIBISO_FREE_MEM(dest); LIBISO_FREE_MEM(dest);
return ret; return ret;
} }

5
libisofs/libisofs.h
View File

@ -7424,11 +7424,14 @@ int iso_image_hfsplus_get_blessed(IsoImage *img, IsoNode ***blessed_nodes,
/** Too many chained symbolic links (FAILURE, HIGH, -395) */ /** Too many chained symbolic links (FAILURE, HIGH, -395) */
#define ISO_DEEP_SYMLINK 0xE830FE75 #define ISO_DEEP_SYMLINK 0xE830FE75
/** Unrecognized file type in ISO image (FAILURE, HIGH, -396) */
#define ISO_BAD_ISO_FILETYPE 0xE830FE74
/* Internal developer note: /* Internal developer note:
Place new error codes directly above this comment. Place new error codes directly above this comment.
Newly introduced errors must get a message entry in Newly introduced errors must get a message entry in
libisofs/message.c, function iso_error_to_msg() libisofs/messages.c, function iso_error_to_msg()
*/ */
/* ! PLACE NEW ERROR CODES ABOVE. NOT AFTER THIS LINE ! */ /* ! PLACE NEW ERROR CODES ABOVE. NOT AFTER THIS LINE ! */

2
libisofs/messages.c
View File

@ -500,6 +500,8 @@ const char *iso_error_to_msg(int errcode)
return "Symbolic link cannot be resolved"; return "Symbolic link cannot be resolved";
case ISO_DEEP_SYMLINK: case ISO_DEEP_SYMLINK:
return "Too many chained symbolic links"; return "Too many chained symbolic links";
case ISO_BAD_ISO_FILETYPE:
return "Unrecognized file type in ISO image";
default: default:
return "Unknown error"; return "Unknown error";
} }