[PATCH] fat: fat2rtc: Sanitize timestamps

Heinrich Schuchardt xypron.glpk at gmx.de
Fri Jul 12 13:55:59 CEST 2024


On 12.07.24 11:51, Richard Weinberger wrote:
> On Friday, 12 July 2024, 11:46:08 CEST, 'Heinrich Schuchardt' via upstream wrote:
>> On 12 July 2024 10:24:54 CEST, Richard Weinberger <richard at nod.at> wrote:
>>> Make sure that tm_mday and tm_mon are within the expected
>>> range. Upper layers such as rtc_calc_weekday() will use
>>> them as lookup keys for arrays and this can cause out of
>>> bounds memory accesses.
>>
>> rtc_calc_weekday() might receive invalid input from other sources. Shouldn't the function always validate its input before array access?
>
> It depends on the overall design.
> Functions like strlen() also assume that you provide a valid string,
> so rtc_calc_weekday() can assume too that the passed rtc_time structure contains valid data.
>
> In doubt, let's fix both FAT and rtc_calc_weekday().

Other source locations where the content of struct rtc_time is not
(fully) validated before calling rtc_calc_weekday are

mc146818_get()
mk_date()

to name a few.

Other RTC drivers might also be placing garbage in a struct rtc_time, e.g.

omap_rtc_get()
m41t62_update_rtc_time()

Best regards

Heinrich
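
The two layers of checking discussed in this thread, as an added example that is not part of the message above and is not U-Boot's code: the FAT decoder sanitizes the on-disk date fields, and the weekday routine also refuses an out-of-range month or day before using it as a table index. The `ex_` names, the clamping policy and the use of Sakamoto's weekday table are assumptions made for illustration.

```c
#include <stdint.h>

/* Hypothetical stand-in for struct rtc_time; only the fields used here. */
struct ex_time {
	int tm_year;	/* full year, e.g. 2024 */
	int tm_mon;	/* 1..12 */
	int tm_mday;	/* 1..31 */
};

static int ex_clamp(int v, int lo, int hi)
{
	return v < lo ? lo : (v > hi ? hi : v);
}

/*
 * Decode a 16-bit FAT date: bits 15-9 year since 1980, bits 8-5 month,
 * bits 4-0 day. The raw month field can hold 0..15 and the day field
 * 0..31, so an on-disk value can be out of range; clamp it here.
 */
void ex_fat_date_decode(uint16_t date, struct ex_time *tm)
{
	tm->tm_year = 1980 + (date >> 9);
	tm->tm_mon = ex_clamp((date >> 5) & 0xf, 1, 12);
	tm->tm_mday = ex_clamp(date & 0x1f, 1, 31);
}

/*
 * Weekday (0 = Sunday) by Sakamoto's method, which indexes a 12-entry
 * table with the month. Returns -1 instead of indexing out of bounds
 * when the caller passes an unvalidated month or day.
 */
int ex_weekday(const struct ex_time *tm)
{
	static const int t[12] = { 0, 3, 2, 5, 0, 3, 5, 1, 4, 6, 2, 4 };
	int y = tm->tm_year;

	if (tm->tm_mon < 1 || tm->tm_mon > 12 ||
	    tm->tm_mday < 1 || tm->tm_mday > 31)
		return -1;
	if (tm->tm_mon < 3)
		y--;
	return (y + y / 4 - y / 100 + y / 400 + t[tm->tm_mon - 1] +
		tm->tm_mday) % 7;
}
```

Without the range check in `ex_weekday()`, a caller that fills the structure from another source with month 0 or 15 would read `t[-1]` or `t[14]`, which is the out-of-bounds access the patch description refers to.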

