[U-Boot] [PATCH] fs: fix FAT name extraction
Patrick Wildt
patrick at blueri.se
Mon Nov 26 14:58:13 UTC 2018
The long name apparently can be accumulated using multiple
13-byte slots. Unfortunately we never checked how many we
can actually fit in the buffer we are reading to.
Signed-off-by: Patrick Wildt <patrick at blueri.se>
---
fs/fat/fat.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/fat/fat.c b/fs/fat/fat.c
index 4bc3030ab88..cadf3d039f0 100644
--- a/fs/fat/fat.c
+++ b/fs/fat/fat.c
@@ -810,6 +810,9 @@ static dir_entry *extract_vfat_name(fat_itr *itr)
slot2str((dir_slot *)dent, buf, &idx);
+ if (n + idx >= sizeof(itr->l_name))
+ return NULL;
+
/* shift accumulated long-name up and copy new part in: */
memmove(itr->l_name + idx, itr->l_name, n);
memcpy(itr->l_name, buf, idx);
--
2.17.2 (Apple Git-113)
More information about the U-Boot
mailing list