From d5e305944a9db25f57b252cc9f56c18311e68481 Mon Sep 17 00:00:00 2001 From: Denis Vlasenko Date: Sun, 12 Oct 2008 11:17:49 +0000 Subject: findfs: fix LUKS and FAT detection routines; do not exit if corrupted FAT fs makes us try to seek past volume function old new delta volume_id_get_buffer 301 327 +26 volume_id_probe_luks 79 82 +3 get_attr_volume_id 73 65 -8 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/1 up/down: 29/-8) Total: 21 bytes --- util-linux/volume_id/fat.c | 128 +++++++++++++++++++++----------------------- util-linux/volume_id/luks.c | 50 ++++++++++++----- util-linux/volume_id/util.c | 15 ++++-- 3 files changed, 111 insertions(+), 82 deletions(-) (limited to 'util-linux/volume_id') diff --git a/util-linux/volume_id/fat.c b/util-linux/volume_id/fat.c index 9ab1cef02..816d69d4c 100644 --- a/util-linux/volume_id/fat.c +++ b/util-linux/volume_id/fat.c @@ -20,8 +20,11 @@ #include "volume_id_internal.h" -#define FAT12_MAX 0xff5 -#define FAT16_MAX 0xfff5 +/* linux/msdos_fs.h says: */ +#define FAT12_MAX 0xff4 +#define FAT16_MAX 0xfff4 +#define FAT32_MAX 0x0ffffff6 + #define FAT_ATTR_VOLUME_ID 0x08 #define FAT_ATTR_DIR 0x10 #define FAT_ATTR_LONG_NAME 0x0f @@ -31,9 +34,9 @@ struct vfat_super_block { uint8_t boot_jump[3]; uint8_t sysid[8]; - uint16_t sector_size; + uint16_t sector_size_bytes; uint8_t sectors_per_cluster; - uint16_t reserved; + uint16_t reserved_sct; uint8_t fats; uint16_t dir_entries; uint16_t sectors; @@ -84,32 +87,30 @@ struct vfat_dir_entry { uint32_t size; } __attribute__((__packed__)); -static uint8_t *get_attr_volume_id(struct vfat_dir_entry *dir, unsigned count) +static uint8_t *get_attr_volume_id(struct vfat_dir_entry *dir, int count) { - unsigned i; - - for (i = 0; i < count; i++) { + for (;--count >= 0; dir++) { /* end marker */ - if (dir[i].name[0] == 0x00) { + if (dir->name[0] == 0x00) { dbg("end of dir"); break; } /* empty entry */ - if (dir[i].name[0] == FAT_ENTRY_FREE) + if (dir->name[0] == FAT_ENTRY_FREE) continue; /* long name */ - if ((dir[i].attr & FAT_ATTR_MASK) == FAT_ATTR_LONG_NAME) + if ((dir->attr & FAT_ATTR_MASK) == FAT_ATTR_LONG_NAME) continue; - if ((dir[i].attr & (FAT_ATTR_VOLUME_ID | FAT_ATTR_DIR)) == FAT_ATTR_VOLUME_ID) { + if ((dir->attr & (FAT_ATTR_VOLUME_ID | FAT_ATTR_DIR)) == FAT_ATTR_VOLUME_ID) { /* labels do not have file data */ - if (dir[i].cluster_high != 0 || dir[i].cluster_low != 0) + if (dir->cluster_high != 0 || dir->cluster_low != 0) continue; dbg("found ATTR_VOLUME_ID id in root dir"); - return dir[i].name; + return dir->name; } dbg("skip dir entry"); @@ -118,31 +119,29 @@ static uint8_t *get_attr_volume_id(struct vfat_dir_entry *dir, unsigned count) return NULL; } -int volume_id_probe_vfat(struct volume_id *id, uint64_t off) +int volume_id_probe_vfat(struct volume_id *id, uint64_t fat_partition_off) { struct vfat_super_block *vs; struct vfat_dir_entry *dir; - uint16_t sector_size; + uint16_t sector_size_bytes; uint16_t dir_entries; uint32_t sect_count; - uint16_t reserved; - uint32_t fat_size; + uint16_t reserved_sct; + uint32_t fat_size_sct; uint32_t root_cluster; - uint32_t dir_size; + uint32_t dir_size_sct; uint32_t cluster_count; - uint32_t fat_length; - uint64_t root_start; - uint32_t start_data_sect; - uint16_t root_dir_entries; + uint64_t root_start_off; + uint32_t start_data_sct; uint8_t *buf; uint32_t buf_size; uint8_t *label = NULL; - uint32_t next; + uint32_t next_cluster; int maxloop; - dbg("probing at offset 0x%llx", (unsigned long long) off); + dbg("probing at offset 0x%llx", (unsigned long long) fat_partition_off); - vs = volume_id_get_buffer(id, off, 0x200); + vs = volume_id_get_buffer(id, fat_partition_off, 0x200); if (vs == NULL) return -1; @@ -196,34 +195,34 @@ int volume_id_probe_vfat(struct volume_id *id, uint64_t off) valid: /* sector size check */ - sector_size = le16_to_cpu(vs->sector_size); - if (sector_size != 0x200 && sector_size != 0x400 && - sector_size != 0x800 && sector_size != 0x1000) + sector_size_bytes = le16_to_cpu(vs->sector_size_bytes); + if (sector_size_bytes != 0x200 && sector_size_bytes != 0x400 && + sector_size_bytes != 0x800 && sector_size_bytes != 0x1000) return -1; - dbg("sector_size 0x%x", sector_size); + dbg("sector_size_bytes 0x%x", sector_size_bytes); dbg("sectors_per_cluster 0x%x", vs->sectors_per_cluster); - dir_entries = le16_to_cpu(vs->dir_entries); - reserved = le16_to_cpu(vs->reserved); - dbg("reserved 0x%x", reserved); + reserved_sct = le16_to_cpu(vs->reserved_sct); + dbg("reserved_sct 0x%x", reserved_sct); sect_count = le16_to_cpu(vs->sectors); if (sect_count == 0) sect_count = le32_to_cpu(vs->total_sect); dbg("sect_count 0x%x", sect_count); - fat_length = le16_to_cpu(vs->fat_length); - if (fat_length == 0) - fat_length = le32_to_cpu(vs->type.fat32.fat32_length); - dbg("fat_length 0x%x", fat_length); + fat_size_sct = le16_to_cpu(vs->fat_length); + if (fat_size_sct == 0) + fat_size_sct = le32_to_cpu(vs->type.fat32.fat32_length); + fat_size_sct *= vs->fats; + dbg("fat_size_sct 0x%x", fat_size_sct); - fat_size = fat_length * vs->fats; - dir_size = ((dir_entries * sizeof(struct vfat_dir_entry)) + - (sector_size-1)) / sector_size; - dbg("dir_size 0x%x", dir_size); + dir_entries = le16_to_cpu(vs->dir_entries); + dir_size_sct = ((dir_entries * sizeof(struct vfat_dir_entry)) + + (sector_size_bytes-1)) / sector_size_bytes; + dbg("dir_size_sct 0x%x", dir_size_sct); - cluster_count = sect_count - (reserved + fat_size + dir_size); + cluster_count = sect_count - (reserved_sct + fat_size_sct + dir_size_sct); cluster_count /= vs->sectors_per_cluster; dbg("cluster_count 0x%x", cluster_count); @@ -239,21 +238,18 @@ int volume_id_probe_vfat(struct volume_id *id, uint64_t off) goto fat32; /* the label may be an attribute in the root directory */ - root_start = (reserved + fat_size) * sector_size; - dbg("root dir start 0x%llx", (unsigned long long) root_start); - root_dir_entries = le16_to_cpu(vs->dir_entries); - dbg("expected entries 0x%x", root_dir_entries); + root_start_off = (reserved_sct + fat_size_sct) * sector_size_bytes; + dbg("root dir start 0x%llx", (unsigned long long) root_start_off); + dbg("expected entries 0x%x", dir_entries); - buf_size = root_dir_entries * sizeof(struct vfat_dir_entry); - buf = volume_id_get_buffer(id, off + root_start, buf_size); + buf_size = dir_entries * sizeof(struct vfat_dir_entry); + buf = volume_id_get_buffer(id, fat_partition_off + root_start_off, buf_size); if (buf == NULL) goto found; - dir = (struct vfat_dir_entry*) buf; - - label = get_attr_volume_id(dir, root_dir_entries); + label = get_attr_volume_id((struct vfat_dir_entry*) buf, dir_entries); - vs = volume_id_get_buffer(id, off, 0x200); + vs = volume_id_get_buffer(id, fat_partition_off, 0x200); if (vs == NULL) return -1; @@ -269,26 +265,25 @@ int volume_id_probe_vfat(struct volume_id *id, uint64_t off) fat32: /* FAT32 root dir is a cluster chain like any other directory */ - buf_size = vs->sectors_per_cluster * sector_size; + buf_size = vs->sectors_per_cluster * sector_size_bytes; root_cluster = le32_to_cpu(vs->type.fat32.root_cluster); - dbg("root dir cluster %u", root_cluster); - start_data_sect = reserved + fat_size; + start_data_sct = reserved_sct + fat_size_sct; - next = root_cluster; + next_cluster = root_cluster; maxloop = 100; while (--maxloop) { - uint32_t next_sect_off; + uint32_t next_off_sct; uint64_t next_off; uint64_t fat_entry_off; int count; - dbg("next cluster %u", next); - next_sect_off = (next - 2) * vs->sectors_per_cluster; - next_off = (start_data_sect + next_sect_off) * sector_size; + dbg("next_cluster 0x%x", (unsigned)next_cluster); + next_off_sct = (next_cluster - 2) * vs->sectors_per_cluster; + next_off = (start_data_sct + next_off_sct) * sector_size_bytes; dbg("cluster offset 0x%llx", (unsigned long long) next_off); /* get cluster */ - buf = volume_id_get_buffer(id, off + next_off, buf_size); + buf = volume_id_get_buffer(id, fat_partition_off + next_off, buf_size); if (buf == NULL) goto found; @@ -301,20 +296,21 @@ int volume_id_probe_vfat(struct volume_id *id, uint64_t off) break; /* get FAT entry */ - fat_entry_off = (reserved * sector_size) + (next * sizeof(uint32_t)); - buf = volume_id_get_buffer(id, off + fat_entry_off, buf_size); + fat_entry_off = (reserved_sct * sector_size_bytes) + (next_cluster * sizeof(uint32_t)); + dbg("fat_entry_off 0x%llx", (unsigned long long)fat_entry_off); + buf = volume_id_get_buffer(id, fat_partition_off + fat_entry_off, buf_size); if (buf == NULL) goto found; /* set next cluster */ - next = le32_to_cpu(*((uint32_t *) buf) & 0x0fffffff); - if (next == 0) + next_cluster = le32_to_cpu(*(uint32_t*)buf) & 0x0fffffff; + if (next_cluster < 2 || next_cluster > FAT32_MAX) break; } if (maxloop == 0) dbg("reached maximum follow count of root cluster chain, give up"); - vs = volume_id_get_buffer(id, off, 0x200); + vs = volume_id_get_buffer(id, fat_partition_off, 0x200); if (vs == NULL) return -1; diff --git a/util-linux/volume_id/luks.c b/util-linux/volume_id/luks.c index 51dda4e79..b0f0f5b21 100644 --- a/util-linux/volume_id/luks.c +++ b/util-linux/volume_id/luks.c @@ -20,20 +20,16 @@ #include "volume_id_internal.h" -#define SECTOR_SHIFT 9 -#define SECTOR_SIZE (1 << SECTOR_SHIFT) - -#define LUKS_CIPHERNAME_L 32 -#define LUKS_CIPHERMODE_L 32 -#define LUKS_HASHSPEC_L 32 -#define LUKS_DIGESTSIZE 20 -#define LUKS_SALTSIZE 32 -#define LUKS_NUMKEYS 8 +#define LUKS_MAGIC_L 6 +#define UUID_STRING_L 40 +#define LUKS_CIPHERNAME_L 32 +#define LUKS_CIPHERMODE_L 32 +#define LUKS_HASHSPEC_L 32 +#define LUKS_DIGESTSIZE 20 +#define LUKS_SALTSIZE 32 +#define LUKS_NUMKEYS 8 static const uint8_t LUKS_MAGIC[] = { 'L','U','K','S', 0xba, 0xbe }; -#define LUKS_MAGIC_L 6 -#define LUKS_PHDR_SIZE (sizeof(struct luks_phdr)/SECTOR_SIZE+1) -#define UUID_STRING_L 40 struct luks_phdr { uint8_t magic[LUKS_MAGIC_L]; @@ -56,11 +52,39 @@ struct luks_phdr { } keyblock[LUKS_NUMKEYS]; }; +enum { + EXPECTED_SIZE_luks_phdr = 0 + + 1 * LUKS_MAGIC_L + + 2 + + 1 * LUKS_CIPHERNAME_L + + 1 * LUKS_CIPHERMODE_L + + 1 * LUKS_HASHSPEC_L + + 4 + + 4 + + 1 * LUKS_DIGESTSIZE + + 1 * LUKS_SALTSIZE + + 4 + + 1 * UUID_STRING_L + + LUKS_NUMKEYS * (0 + + 4 + + 4 + + 1 * LUKS_SALTSIZE + + 4 + + 4 + ) +}; + +struct BUG_bad_size_luks_phdr { + char BUG_bad_size_luks_phdr[ + sizeof(struct luks_phdr) == EXPECTED_SIZE_luks_phdr ? + 1 : -1]; +}; + int volume_id_probe_luks(struct volume_id *id, uint64_t off) { struct luks_phdr *header; - header = volume_id_get_buffer(id, off, LUKS_PHDR_SIZE); + header = volume_id_get_buffer(id, off, sizeof(*header)); if (header == NULL) return -1; diff --git a/util-linux/volume_id/util.c b/util-linux/volume_id/util.c index 315d75ca6..c4d20ba47 100644 --- a/util-linux/volume_id/util.c +++ b/util-linux/volume_id/util.c @@ -181,7 +181,7 @@ set: buf[4], buf[5], buf[6], buf[7], buf[8], buf[9], - buf[10], buf[11], buf[12], buf[13], buf[14],buf[15]); + buf[10], buf[11], buf[12], buf[13], buf[14], buf[15]); break; case UUID_DCE_STRING: memcpy(id->uuid, buf, count); @@ -190,6 +190,9 @@ set: } } +/* Do not use xlseek here. With it, single corrupted filesystem + * may result in attempt to seek past device -> exit. + * It's better to ignore such fs and continue. */ void *volume_id_get_buffer(struct volume_id *id, uint64_t off, size_t len) { ssize_t buf_len; @@ -204,7 +207,10 @@ void *volume_id_get_buffer(struct volume_id *id, uint64_t off, size_t len) /* check if we need to read */ if ((off + len) > id->sbbuf_len) { dbg("read sbbuf len:0x%llx", (unsigned long long) (off + len)); - xlseek(id->fd, 0, SEEK_SET); + if (lseek(id->fd, 0, SEEK_SET) != 0) { + dbg("seek(0) failed"); + return NULL; + } buf_len = full_read(id->fd, id->sbbuf, off + len); if (buf_len < 0) { dbg("read failed (%s)", strerror(errno)); @@ -234,7 +240,10 @@ void *volume_id_get_buffer(struct volume_id *id, uint64_t off, size_t len) /* check if we need to read */ if ((off < id->seekbuf_off) || ((off + len) > (id->seekbuf_off + id->seekbuf_len))) { dbg("read seekbuf off:0x%llx len:0x%zx", (unsigned long long) off, len); - xlseek(id->fd, off, SEEK_SET); + if (lseek(id->fd, off, SEEK_SET) != off) { + dbg("seek(0x%llx) failed", (unsigned long long) off); + return NULL; + } buf_len = full_read(id->fd, id->seekbuf, len); if (buf_len < 0) { dbg("read failed (%s)", strerror(errno)); -- cgit v1.2.3