From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1p67E6-00048K-0y for mharc-grub-devel@gnu.org; Fri, 16 Dec 2022 04:41:58 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1p67E4-000487-88 for grub-devel@gnu.org; Fri, 16 Dec 2022 04:41:56 -0500 Received: from mout.gmx.net ([212.227.15.15]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1p67Dz-0002ig-F0 for grub-devel@gnu.org; Fri, 16 Dec 2022 04:41:56 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=s31663417; t=1671183689; bh=uz6nlmyXl77+UEsYr1mQpGKvjSbupRDaEc/zGn5YuoY=; h=X-UI-Sender-Class:Date:From:To:Subject:Cc:References:In-Reply-To; b=ef0/pk6sb9SbJThHguoW815T57EmDeo0v3HVeeYNUnulVByr8/Pk35qBenijqStpD YRGY3kGKdTKkNu5iW2SCugLODtyyXp65Qn9QpVT4C5CeCVNR377HxS+rnIUzyGf8lM TbnYO5gRuHRs1oaRiGYVFvQIL2ymLeQkbvtEgxvd7ZfsS1YGA7OwZxd/hBCYJonVSW ERafjVp2de40BGHlBLPr0/SaofOxgybzbBR9NDFN+tbIcwohe3cejoFlvcR7Q6A18v q+HrGDsprBYW//LQDfOA8gP1lFAe6VQOwK2dioSzRWq3RpxHy67Qq5CpXznhDe9cnm 6oHZMwmWjD0tw== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from scdbackup.webframe.org ([84.179.236.73]) by mail.gmx.net (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MvK4Z-1oozsH3isL-00rEJC; Fri, 16 Dec 2022 10:41:29 +0100 Date: Fri, 16 Dec 2022 10:42:13 +0100 From: "Thomas Schmitt" To: grub-devel@gnu.org Subject: Proposal: fs/iso9660: Prevent skipping CE or ST at start of continuation area Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Cc: lidong.chen@oracle.com, fengtao40@huawei.com, yanan@huawei.com, daniel.kiper@oracle.com, lichenca2005@gmail.com References: <307c2d0fba1b8fb12c0724425b8037d20b7aed06.1671042887.git.lidong.chen@oracle.com> In-Reply-To: <307c2d0fba1b8fb12c0724425b8037d20b7aed06.1671042887.git.lidong.chen@oracle.com> Message-Id: <19021389617225107434@scdbackup.webframe.org> X-Provags-ID: V03:K1:23qsXhqAbo9C1QNceDH37WaT6Qt+plVj9Ug+yXuvgdPPHEYOBib ewrCGyjOCmz6OcKgmpqYLJ0x560yzFfGAdjP9J3HJ5LXSRayOAq/KIs3JwYel0n31NqfPhT iCkC7qIZmx5tSo8r5+GHQ7GhKwrszbggs+8/yCfNIeSLyDImUqw1xE1cscC9GZxthJHJHFQ OhNMNlNCdHc9vlZZSf8Jg== UI-OutboundReport: notjunk:1;M01:P0:MkH2o7bXfp0=;mIbVfYOdCyeFygTh4skrQ9omYQr 3h8vkm1alPPAA/it6H4YQhM2LD/ja/C1djw1FJQcCBiS8iyuFzZ9ultDGMhAqdQrJMoSwgXzt MhzIIMB3WhKpsxWbiXgOvWPbaXfbzi70YOGlmC6vA36YCANv4ZNGYlojzr8pCefNzqwS/vJzl +yy+UZv16/T7sPphcLT7a+m1feveTO53XzZbO2Krwh65fWg9LyqWEDD8Sw7sMz6XYX08nnxuM oVvnPEFW3OjEyBCG9bXMs0O6FALRByn3kNezkm4xLtcPW6QXeamxwerhqoua+rmmQy7EXAVWc kFsNTqEGhtmXHxN87oPSUnKa66LhKUaaKm1RlcUFYd28+eogPz+HjY9MIZXkEq6i1DpvZag3B FlwsWdSrae9OcmvtYGMN9BUut5891VMZLY7EJ0hQwvHMSATw6Fkl7H7omLUJ3Cwem+Qpze+0q QTq971L2WcwriUcB0zbzEXtfH3vVP5K6tzwWCS7NS1i4hXmzQqRMYXA4jZOqHBtJroNi5zVtm gGP/NkJhoBCkoA8KHHa0IsNaDB1hjc7J/q+qM9YlPnvPWcRATL3FFpvq5jv/mJ7sYaN0eYJkr NqAQ4MOgyn9xFSnYcpctxiAtCgmL6MywVrag3bLokSIjC60kaEui8VsT4jt5jlfN7/ECs7xJP +7UwjF25mvuNMVyWjCxWpkO6u+AIQ2Lq2PvNuVCRFUoIqkj8N5poVqPRbqI0E0pX28txlC4wq xH0OvDLqLjTWt7Us3p7/DNyRzj/N9H9KzRbOZNL5cnPL2fDWSrjpoQ0dP4+kZWZFY7h3KzzsY 9sSt6LhmGHDtjO9qbdywPYyJCxqK5/Y1vLr66qHChTogxmvBnBnG77Jf3BTcMP/yjdB/xU/uX lTgYebwvZwajmOwx2FPIJSNdTOH+6Fgb6rR0UAQQ36KEWD83Uq+W5CE851LgFAO/nui9A74/b FsH0cZZfZRpEk9mITKr9A0drL1U= Received-SPF: pass client-ip=212.227.15.15; envelope-from=scdbackup@gmx.net; helo=mout.gmx.net X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Dec 2022 09:41:56 -0000 Hi, i believe that the problem about CE entries sitting at the start of a SUSP continuation area could be quite easily solved after patch [2/4] was appli= ed, which changes the for-loop to a while loop with the entry-advance step at = its end. So i propose to Lidong Chen to handle this problem by another patch in the series, which comes after [2/4] (then [2/5]). Please verify that my thoughts about CE (and additionally about ST) are correct and consider the following diff, which compiles but is not tested otherwise. I agree in advance to changing my "Signed-off-by:" to "Suggested-by:" if deemed appropriate. =2D----------------------------------------------------------------------- fs/iso9660: Prevent skipping CE or ST at start of continuation area If processing of a SUSP CE entry leads to a continuation area which begins by entry CE or ST, then these entries were skipped without interpretation. In case of CE this would lead to premature end of processing the SUSP entr= ies of the file. In case of ST this could cause following non-SUSP bytes to be interpreted as SUSP entries. Signed-off-by: Thomas Schmitt =2D-- grub-core/fs/iso9660.c.lidong_chen_patch_2 2022-12-15 11:46:50.65429= 5924 +0100 +++ grub-core/fs/iso9660.c.lidong_chen_patch_2_ce_fix 2022-12-16 10:05:52.= 990599283 +0100 @@ -336,6 +336,12 @@ grub_iso9660_susp_iterate (grub_fshelp_n } entry =3D (struct grub_iso9660_susp_entry *) sua; + + if (grub_strncmp ((char *) entry->sig, "CE", 2) =3D=3D 0 + || grub_strncmp ((char *) entry->sig, "ST", 2) =3D=3D 0) + /* The hook function will not process CE or ST. + Advancing to the next entry would skip them. */ + continue; } if (hook (entry, hook_arg)) =2D----------------------------------------------------------------------- Have a nice day :) Thomas