Don't trust gpt header data read from disk until after its
authorkrw <krw@openbsd.org>
Thu, 11 Aug 2022 20:22:27 +0000 (20:22 +0000)
committerkrw <krw@openbsd.org>
Thu, 11 Aug 2022 20:22:27 +0000 (20:22 +0000)
validity is checked.

Found the hard way by kn@

Cluebats from millert@ and deraadt@.

Fix tested by and ok kn@

sys/kern/subr_disk.c

index dcb4b22..90bdd46 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: subr_disk.c,v 1.249 2022/08/06 14:48:33 krw Exp $     */
+/*     $OpenBSD: subr_disk.c,v 1.250 2022/08/11 20:22:27 krw Exp $     */
 /*     $NetBSD: subr_disk.c,v 1.17 1996/03/16 23:17:08 christos Exp $  */
 
 /*
@@ -470,7 +470,7 @@ gpt_get_hdr(struct buf *bp, void (*strat)(struct buf *), struct disklabel *lp,
        uint64_t                partlba;
        uint64_t                lbaend, lbastart;
        uint32_t                csum;
-       uint32_t                size, partsize, partspersec;
+       uint32_t                size, partsize;
 
 
        error = readdisksector(bp, strat, lp, sector);
@@ -481,14 +481,13 @@ gpt_get_hdr(struct buf *bp, void (*strat)(struct buf *), struct disklabel *lp,
 
        size = letoh32(ngh.gh_size);
        partsize = letoh32(ngh.gh_part_size);
-       partspersec = lp->d_secsize / partsize;
        partlba = letoh64(ngh.gh_part_lba);
        lbaend = letoh64(ngh.gh_lba_end);
        lbastart = letoh64(ngh.gh_lba_start);
 
        csum = ngh.gh_csum;
        ngh.gh_csum = 0;
-       ngh.gh_csum = htole32(crc32(0, (unsigned char *)&ngh, size));
+       ngh.gh_csum = htole32(crc32(0, (unsigned char *)&ngh, GPTMINHDRSIZE));
 
        if (letoh64(ngh.gh_sig) == GPTSIGNATURE &&
            letoh32(ngh.gh_rev) == GPTREVISION &&
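Review bot: The new `crc32(0, (unsigned char *)&ngh, GPTMINHDRSIZE)` line has no comment explaining why the length is a constant, so a later cleanup could restore the on-disk `gh_size` and with it a checksum read bounded by unverified data. I would add above it `/* gh_size is unverified on-disk data; never use it to bound the read of ngh. */`. `size` and `partsize` are still loaded from the header before any check, and the condition starting at `letoh64(ngh.gh_sig) == GPTSIGNATURE` continues past the end of this hunk, so I cannot see whether it requires `size == GPTMINHDRSIZE`. If it does not, a header declaring a different size would be accepted on a CRC that covers only its first GPTMINHDRSIZE bytes. A compile-time assertion that `sizeof(ngh)` is at least GPTMINHDRSIZE would also pin the bound the fixed length relies on.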