From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1PZlVi-0003bQ-NH for mharc-grub-devel@gnu.org; Mon, 03 Jan 2011 09:35:46 -0500 Received: from [140.186.70.92] (port=40777 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PZlVe-0003Y8-Na for grub-devel@gnu.org; Mon, 03 Jan 2011 09:35:44 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PZlVZ-0002X8-39 for grub-devel@gnu.org; Mon, 03 Jan 2011 09:35:38 -0500 Received: from mail-ww0-f49.google.com ([74.125.82.49]:42776) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PZlVY-0002X3-Uh for grub-devel@gnu.org; Mon, 03 Jan 2011 09:35:37 -0500 Received: by wwb17 with SMTP id 17so13843644wwb.30 for ; Mon, 03 Jan 2011 06:35:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type; bh=sG4ivSZfPvXU3EuEGaFriA0urCtgo6LPhjpb4NHS7IY=; b=H0+OYEO9OI8Z7g/bkBjTKxPrveVTC/HqQO+JyYR2nefhuGyVkQDUcP7vp8wnbUwnUw vmbUkPd6biVsORCjZvwET45RPznfrzkwW31kSC0j87IDiQAamzrYiXJlFdN8VcRnud5/ miMnMg2FwG4xU3eqVs1YntYKWsnEfWnJqOnLE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type; b=LXNDW+aZY8PcHvrefy4f5IeeRd8MW2AZXePSEf483XCdMNZO74cG4ngCunHRUSGUV4 TLzz7UmWuMwn7sNNT/VyW4Ffm8GUF6G+tw6DrhRASZ6wS2asTmDEDLfSDAydakf+Dc3c 4adAwn6quYvJcHZJHvgR6/yZ/vaWn0L+JjOag= Received: by 10.227.154.204 with SMTP id p12mr11647938wbw.6.1294065335707; Mon, 03 Jan 2011 06:35:35 -0800 (PST) Received: from debian.bg45.phnet (58-50.62-81.cust.bluewin.ch [81.62.50.58]) by mx.google.com with ESMTPS id f35sm14183583wbf.8.2011.01.03.06.35.24 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 03 Jan 2011 06:35:33 -0800 (PST) Message-ID: <4D21DE9C.3060402@gmail.com> Date: Mon, 03 Jan 2011 15:35:08 +0100 From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?= User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20101226 Icedove/3.0.11 MIME-Version: 1.0 To: grub-devel@gnu.org References: <1293694134.2873.17.camel@Inchon> <1293695167.2873.20.camel@Inchon> In-Reply-To: <1293695167.2873.20.camel@Inchon> X-Enigmail-Version: 1.0.1 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig408E5861CC2BDC8064749AED" X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) Subject: Re: [PATCH] hfsplus: Prevent overflows in comparisons X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Jan 2011 14:35:44 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig408E5861CC2BDC8064749AED Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Applied, thanks. On 12/30/2010 08:46 AM, Dave Vasilevsky wrote: > =3D=3D=3D modified file 'ChangeLog' > --- ChangeLog 2010-12-27 06:19:51 +0000 > +++ ChangeLog 2010-12-30 07:39:45 +0000 > @@ -1,3 +1,11 @@ > +2010-12-30 Dave Vasilevsky > + > + * grub-core/fs/hfsplus.c: Parent field of > + grub_hfsplus_catkey_internal should be unsigned. > + (grub_hfsplus_cmp_catkey): Don't compare using subtraction, it > + overflows. > + (grub_hfsplus_cmp_extkey): Likewise > + > 2010-12-27 Vladimir Serbinenko > =20 > * grub-core/loader/xnu.c (grub_cmd_xnu_kernel) [! GRUB_MACHINE_EFI]: > > =3D=3D=3D modified file 'grub-core/fs/hfsplus.c' > --- grub-core/fs/hfsplus.c 2010-01-20 08:12:47 +0000 > +++ grub-core/fs/hfsplus.c 2010-12-30 06:10:23 +0000 > @@ -178,7 +178,7 @@ > /* Internal representation of a catalog key. */ > struct grub_hfsplus_catkey_internal > { > - int parent; > + grub_uint32_t parent; > char *name; > }; > =20 > @@ -520,9 +520,12 @@ > int i; > int diff; > =20 > - diff =3D grub_be_to_cpu32 (catkey_a->parent) - catkey_b->parent; > - if (diff) > - return diff; > + /* Safe unsigned comparison */ > + grub_uint32_t aparent =3D grub_be_to_cpu32 (catkey_a->parent); > + if (aparent > catkey_b->parent) > + return 1; > + if (aparent < catkey_b->parent) > + return -1; > =20 > /* Change the filename in keya so the endianness is correct. */ > for (i =3D 0; i < grub_be_to_cpu16 (catkey_a->namelen); i++) > @@ -555,15 +558,21 @@ > { > struct grub_hfsplus_extkey *extkey_a =3D &keya->extkey; > struct grub_hfsplus_extkey_internal *extkey_b =3D &keyb->extkey; > - int diff; > - > - diff =3D grub_be_to_cpu32 (extkey_a->fileid) - extkey_b->fileid; > - > - if (diff) > - return diff; > - > - diff =3D grub_be_to_cpu32 (extkey_a->start) - extkey_b->start; > - return diff; > + grub_uint32_t akey; > + > + /* Safe unsigned comparison */ > + akey =3D grub_be_to_cpu32 (extkey_a->fileid); > + if (akey > extkey_b->fileid) > + return 1; > + if (akey < extkey_b->fileid) > + return -1; > + =20 > + akey =3D grub_be_to_cpu32 (extkey_a->start); > + if (akey > extkey_b->start) > + return 1; > + if (akey < extkey_b->start) > + return -1; > + return 0; > } > =20 > static char * > > > > =20 --=20 Regards Vladimir '=CF=86-coder/phcoder' Serbinenko --------------enig408E5861CC2BDC8064749AED Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREKAAYFAk0h3pwACgkQNak7dOguQgnlLwEAtSmaLA6S/nF/6SAslUaOpuMZ D9LpGTRYf/OowVI2wogBAIyKXe7Bfc76sCD2zZfSTeFIUqMKf0L6aRrY1qVv2wSA =OB/V -----END PGP SIGNATURE----- --------------enig408E5861CC2BDC8064749AED--