packages/sleuthkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!17 Add attributes file nodesize check to fix heap overflow

Browse Source 
From: @ultra_planet
Reviewed-by: @small_leek
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2020-12-18 14:05:55 +08:00 committed by Gitee
commit 248ea3313a
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
0006-Add-attributes-file-nodesize-check.patch Normal file
View File

@ -0,0 +1,35 @@
From 6d709c18097b2b60a8583baf0714648a363b724e Mon Sep 17 00:00:00 2001
From: lingsheng <lingsheng@huawei.com>
Date: Fri, 18 Dec 2020 10:52:36 +0800
Subject: [PATCH] Add attributes file nodesize check
---
tsk/fs/hfs.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
index 43dc2a9..636c4b7 100644
--- a/tsk/fs/hfs.c
+++ b/tsk/fs/hfs.c
@@ -3970,6 +3970,18 @@ hfs_load_extended_attrs(TSK_FS_FILE * fs_file,
return 0;
}
+ // Is the Attributes file nodesize valid?
+ // byte size of each node(512..32768)
+ if (attrFile.nodeSize < 512 || attrFile.nodeSize > 32768) {
+ if (tsk_verbose)
+ tsk_fprintf(stderr,
+ "hfs_load_extended_attrs: Attributes file nodesize is invalid\n");
+ close_attr_file(&attrFile);
+ *isCompressed = FALSE;
+ *cmpType = 0;
+ return 0;
+ }
+
// A place to hold one node worth of data
nodeData = (uint8_t *) malloc(attrFile.nodeSize);
if (nodeData == NULL) {
--
2.23.0

6
sleuthkit.spec
View File

@ -1,6 +1,6 @@
Name: sleuthkit Name: sleuthkit
Version: 4.6.7 Version: 4.6.7
Release: 4 Release: 5
Summary: Tools for file system and volume forensic analysis Summary: Tools for file system and volume forensic analysis
License: CPL and IBM and GPLv2+ License: CPL and IBM and GPLv2+
URL: http://www.sleuthkit.org URL: http://www.sleuthkit.org
@ -11,6 +11,7 @@ Patch2: 0002-Ensure-that-we-don-t-attempt-to-index-into-an-invali.patch
Patch3: 0003-Fix-bug-introduced-with-imap-offset-check.patch Patch3: 0003-Fix-bug-introduced-with-imap-offset-check.patch
Patch4: 0004-Cast-attrseq-address-to-uintptr_t-so-that-the-correc.patch Patch4: 0004-Cast-attrseq-address-to-uintptr_t-so-that-the-correc.patch
Patch5: 0005-Fix-Fuzz-buffer-overflow.patch Patch5: 0005-Fix-Fuzz-buffer-overflow.patch
Patch6: 0006-Add-attributes-file-nodesize-check.patch
BuildRequires: gcc-c++ afflib-devel >= 3.3.4 libewf-devel perl-generators sqlite-devel BuildRequires: gcc-c++ afflib-devel >= 3.3.4 libewf-devel perl-generators sqlite-devel
@ -85,6 +86,9 @@ sed -i.rpath 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
%{_mandir}/man1/* %{_mandir}/man1/*
%changelog %changelog
* Fri Dec 18 2020 lingsheng <lingsheng@huawei.com> - 4.6.7-5
- Add attributes file nodesize check to fix heap overflow
* Tue Dec 15 2020 Jiachen Fan <fanjiachen3@huawei.com> - 4.6.7-4 * Tue Dec 15 2020 Jiachen Fan <fanjiachen3@huawei.com> - 4.6.7-4
- fix oss-fuzz heap over flow - fix oss-fuzz heap over flow