leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2ac0baab4a
u-boot/fs
History
Miquel Raynal 2ac0baab4a fs/squashfs: sqfs_read: Prevent arbitrary code execution 
Following Jincheng's report, an out-of-band write leading to arbitrary
code execution is possible because on one side the squashfs logic
accepts directory names up to 65535 bytes (u16), while U-Boot fs logic
accepts directory names up to 255 bytes long.

Prevent such an exploit from happening by capping directory name sizes
to 255. Use a define for this purpose so that developers can link the
limitation to its source and eventually kill it some day by dynamically
allocating this array (if ever desired).

Link: https://lore.kernel.org/all/CALO=DHFB+yBoXxVr5KcsK0iFdg+e7ywko4-e+72kjbcS8JBfPw@mail.gmail.com
Reported-by: Jincheng Wang <jc.w4ng@gmail.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Tested-by: Jincheng Wang <jc.w4ng@gmail.com>
2022-06-16 15:22:55 -04:00
..
btrfs btrfs: Fix compilation on big endian systems 2022-04-19 14:52:34 -04:00
cbfs doc: replace @return by Return: 2022-01-19 18:11:34 +01:00
cramfs common: Drop flash.h from common header 2020-05-18 14:53:28 -04:00
erofs fs/erofs: add lz4 decompression support 2022-03-15 16:19:29 -04:00
ext4 fs: ext4: Use CRC-16 implementation from linux/crc16.h 2022-04-21 14:32:40 -04:00
fat doc: replace @return by Return: 2022-01-19 18:11:34 +01:00
jffs2 Convert CONFIG_JFFS2_DEV et al to Kconfig 2021-12-27 16:20:19 -05:00
reiserfs common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
sandbox bootstd: sandbox: Add a hostfs bootdev 2022-04-25 10:00:04 -04:00
squashfs fs/squashfs: sqfs_read: Prevent arbitrary code execution 2022-06-16 15:22:55 -04:00
ubifs ubifs: Fix lockup/crash when reading files 2022-06-03 10:23:22 -04:00
yaffs2 fs: yaffs2: Finish Kconfig migration 2021-11-05 11:23:29 -04:00
zfs common: Drop log.h from common header 2020-05-18 21:19:18 -04:00
fs_internal.c fs: convert error and debug messages to log 2020-09-06 21:21:41 +02:00
fs.c fs: Add a function to set the filesystem type 2022-04-25 10:00:03 -04:00
Kconfig bootstd: sandbox: Add a hostfs bootdev 2022-04-25 10:00:04 -04:00
Makefile fs: Add semihosting filesystem 2022-04-01 15:03:13 -04:00
semihostingfs.c fs: Add semihosting filesystem 2022-04-01 15:03:13 -04:00