diff options
Diffstat (limited to '')
-rw-r--r-- | debian/patches/upstream/0025-libblkid-ntfs-avoid-UB-in-signed-shift.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/debian/patches/upstream/0025-libblkid-ntfs-avoid-UB-in-signed-shift.patch b/debian/patches/upstream/0025-libblkid-ntfs-avoid-UB-in-signed-shift.patch new file mode 100644 index 0000000..a212b04 --- /dev/null +++ b/debian/patches/upstream/0025-libblkid-ntfs-avoid-UB-in-signed-shift.patch @@ -0,0 +1,33 @@ +From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= <thomas@t-8ch.de> +Date: Thu, 10 Nov 2022 18:35:00 +0100 +Subject: [PATCH 25/26] libblkid: ntfs: avoid UB in signed shift + +Fix OSS-Fuzz issue 53142 ( #1886 ) +Fix OSS-Fuzz issue 53160 ( #1888 ) +--- + libblkid/src/superblocks/ntfs.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/libblkid/src/superblocks/ntfs.c b/libblkid/src/superblocks/ntfs.c +index dced699..217e7e8 100644 +--- a/libblkid/src/superblocks/ntfs.c ++++ b/libblkid/src/superblocks/ntfs.c +@@ -135,11 +135,15 @@ static int __probe_ntfs(blkid_probe pr, const struct blkid_idmag *mag, int save_ + } + } + +- if (ns->clusters_per_mft_record > 0) ++ if (ns->clusters_per_mft_record > 0) { + mft_record_size = ns->clusters_per_mft_record * + sectors_per_cluster * sector_size; +- else +- mft_record_size = 1 << (0 - ns->clusters_per_mft_record); ++ } else { ++ int8_t mft_record_size_shift = 0 - ns->clusters_per_mft_record; ++ if (mft_record_size_shift < 0 || mft_record_size_shift >= 31) ++ return 1; ++ mft_record_size = 1 << mft_record_size_shift; ++ } + + nr_clusters = le64_to_cpu(ns->number_of_sectors) / sectors_per_cluster; + |