packages/sleuthkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
sleuthkit/0010-Fixed-HFS-BTree-key-OOB-read.patch
lingsheng 15c6a656ea Fixed OOB reads in hfs_cat_traverse 
(cherry picked from commit 1d8693a0144be716cefe52bacdb55faa77516935)
2021-08-27 10:45:09 +08:00

25 lines
921 B
Diff
Raw Blame History

From 0954034dc1ac757cfc125539c41cc2b42525b303 Mon Sep 17 00:00:00 2001
From: Joachim Metz <joachim.metz@gmail.com>
Date: Tue, 27 Apr 2021 06:22:02 +0200
Subject: [PATCH] Fixed HFS BTree key OOB read
---
tsk/fs/hfs.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
index 2935fc50e3..d3b92aaad7 100644
--- a/tsk/fs/hfs.c
+++ b/tsk/fs/hfs.c
@@ -976,7 +976,9 @@ hfs_cat_traverse(HFS_INFO * hfs,
rec_off =
tsk_getu16(fs->endian,
&node[nodesize - (rec + 1) * 2]);
- if (rec_off >= nodesize) {
+
+ // Need at least 2 bytes for key_len
+ if (rec_off >= nodesize - 2) {
tsk_error_set_errno(TSK_ERR_FS_GENFS);
tsk_error_set_errstr
("hfs_cat_traverse: offset of record %d in leaf node %d too large (%d vs %"
Reference in New Issue View Git Blame Copy Permalink