History log of /external/squashfs-tools/squashfs-tools/unsquash-2.c
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
e1542da6a3f99db8dc60b5cad891547e047861b7 01-Feb-2013 Phillip Lougher <phillip@squashfs.org.uk> unsquashfs: fix read_directory_table() parameter

sBlk.s.fragment_table_start isn't the end of the
directory table, it instead points to the
fragment_index_table, in which the first index of that
points to the end of the directory table. The only exception
to that is where fragments == 0, where fragment_table_start
does represent the end of the directory table.

The upshot of this is that for years Unsquashfs has been
reading and decompressing the directory_table and the
table after it. Not a major bug, but a waste of memory
all the same.

It has shown up now because of the additional sanity checks
when reading metadata blocks that have been added recently,
where all metadata blocks in the directory table bar the last one
should be SQUASHFS_METADATA_SIZE in size.

Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-2.c
0882a3d4ec81b9a86e512900e3b32e37fb72511e 28-Jan-2013 Phillip Lougher <phillip@squashfs.org.uk> unsquash-2: harden fragment table reading against corrupted filesystems

Harden fragment table reading, checking against unexpected metadata
block length, ensuring no buffer overflow/underflow occurs.

Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-2.c
cf5c8b43f14bad020372fe55fb237eb2ae2b28d4 25-Jan-2013 Phillip Lougher <phillip@squashfs.org.uk> unsquashfs: prevent buffer {over|under}flow in read_block() with corrupted filesystems

Prevent buffer overflow and underflow in read_block() with corrupted
filesystems.

Overflow is easy to understand, read_block() is called to read the next
metadata block pointed to by <start>... Often the buffer passed in is
large enough to hold the expected return bytes, which can be less than
SQUASHFS_METADATA_SIZE. For example filesystem tables are compressed
in SQUASHFS_METADATA_SIZEd chunks, the last compressed chunk will normally
be smaller than SQUASHFS_METADATA_SIZE, so when read_block() is called,
the passed buffer is only large enough to hold the expected size.

Underflow is rather more subtle, when read_block() is called, it is
expected that the returned block will fill the expected amount of
bytes in the filesystem table (stored as an array). If the returned
block is smaller than expected, then there will be uninitialised
data in the filesystem table which will cause unexpected behaviour later.

Fix both cases by passing in an additional parameter <expected>
which contains the expected number of bytes in the metadata block.
Refuse to read blocks which are larger than expected to avoid
buffer overflow and also return error if the block proves to be
smaller than expected, to avoid using unitialised data.

For the callers where the expected number of bytes is unknown support
<expected> containing 0, in which case the metadata block is checked to
ensure it doesn't overflow a SQUASHFS_METADATA_SIZEd buffer. Callers of
read_block() with <expected> == 0 are expected to pass in a
SQUASHFS_METADATA_SIZEd buffer. For instance with compressor specific
options data, the correct length is only known by the compressor specific
code, and this is later called to check the length.

Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-2.c
83d42a3fc898962aa1f1e8387f2ccb1114e0d294 01-Nov-2012 Phillip Lougher <phillip@squashfs.org.uk> Update email address

Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-2.c
dca845584387092a80d18fc94b88de6b2f2dbceb 31-Dec-2010 plougher <plougher> get rid of union squashfs_inode_header_2 typedef
/external/squashfs-tools/squashfs-tools/unsquash-2.c
f2c8b3ecba4b9bdb74f3a178bf7c32a67ec90511 24-Oct-2010 plougher <plougher> Fix block calculation error with regular files when file size is
between 2^32-block_size+1 and 2^32-1
/external/squashfs-tools/squashfs-tools/unsquash-2.c
3c13c3362c168c1106c98b271f557bf02ff6ebc1 25-Aug-2010 plougher <plougher> Fix copyright dates - these files didn't exist before 2009, although
strictly speaking some of the code did in unsquashfs.c
/external/squashfs-tools/squashfs-tools/unsquash-2.c
2c4819f16e1629ea3f13fb21f4243f6d2006a77d 22-Jul-2010 plougher <plougher> Wrap somw lines
/external/squashfs-tools/squashfs-tools/unsquash-2.c
a3bbedd581c7022ae2a7b940e967ada58ca47d03 22-Jul-2010 plougher <plougher> Abort if the mapping from on disk block location to locatiion of uncompressed
block in memory cannot be found. This is indicative of a corrupt filesystem
and it is pointless to continue
/external/squashfs-tools/squashfs-tools/unsquash-2.c
eca8d438c9b00aaf191de7c79f845ca5122f09b2 22-Jul-2010 plougher <plougher> Abort on unknown inode, rather than just ignore it. An unknown inode is
indicative of a corrupt filesystem, and it is pointless to continue.
/external/squashfs-tools/squashfs-tools/unsquash-2.c
8d4404d1f63a558f4903eb8c939bd4306a805d0f 21-Jul-2010 plougher <plougher> Update copyright
/external/squashfs-tools/squashfs-tools/unsquash-2.c
12c899489159bbf0b30054b970a96c45fa2a1035 04-Jul-2010 plougher <plougher> Add xattr field to struct inode, and add support for reading xattr in
read_inode_4. All other read_inode_x functions also now set xattr to the
invalid value.
/external/squashfs-tools/squashfs-tools/unsquash-2.c
27c4b6f7f6a33bf7711c0ee8cd563e4604dc5861 02-Jul-2010 plougher <plougher> Replace fields in struct super_block copied from struct squashfs_super_block
with a nested struct squashfs_super_block
/external/squashfs-tools/squashfs-tools/unsquash-2.c
176b325add10f6b9846f771f75d8543364d4c121 18-Jun-2010 plougher <plougher> change unsquashfs read_block to take an fd
/external/squashfs-tools/squashfs-tools/unsquash-2.c
3306cb2b54a60a32664617118336ac141e1471b6 18-Jun-2010 plougher <plougher> change read_fs_bytes() from taking char * to taking void *
/external/squashfs-tools/squashfs-tools/unsquash-2.c
86561909d9ca51a4e4ce4efcfea30b41d1d08275 18-Jun-2010 plougher <plougher> rename read_bytes() to read_fs_bytes() to be consistent with mksquashfs.
Also pass fd explicitly into function, again to be consistent with mksquashfs.
/external/squashfs-tools/squashfs-tools/unsquash-2.c
3e23745c113c8e94aed1a84c1a06f407e8efa0a5 31-Mar-2009 plougher <plougher> More code tidying
/external/squashfs-tools/squashfs-tools/unsquash-2.c
bbdefb91f325b3c9138a7e6fd7b91842db4e52f4 30-Mar-2009 plougher <plougher> Code tidy
/external/squashfs-tools/squashfs-tools/unsquash-2.c
c94505a298ad959b4191dc7cf60af3785d67e118 27-Mar-2009 plougher <plougher> Add error checking to read_fragment_table_2()
/external/squashfs-tools/squashfs-tools/unsquash-2.c
d72bec3812e6e83985d7e0a9196f20558f434766 26-Mar-2009 plougher <plougher> Add some extra TRACE statements
/external/squashfs-tools/squashfs-tools/unsquash-2.c
873379faaf47fa4f22dfb5af816cfd707a6a51cc 26-Mar-2009 plougher <plougher> Add extra ERROR and TRACE statements and remove unnecessary error goto
/external/squashfs-tools/squashfs-tools/unsquash-2.c
2751b4a665ee803e2fc81fc4e41fe2a24d551125 24-Mar-2009 plougher <plougher> Set sparse field to 0 (not a sparse file).
/external/squashfs-tools/squashfs-tools/unsquash-2.c
4b285079bd60a5c77b5803a5664f31a5db76a916 24-Mar-2009 plougher <plougher> Alloc symlink rather than a static allocation in inode structure
/external/squashfs-tools/squashfs-tools/unsquash-2.c
f708c857b59246da8529f06d7dfeabae423ba0c5 19-Mar-2009 plougher <plougher> Explicitly include "squashfs_compat.h"
/external/squashfs-tools/squashfs-tools/unsquash-2.c
d12247df03571cd8b684346038fea2fdfa92cfb8 16-Mar-2009 plougher <plougher> Make fragment_table_2 static and local to this file, and rename to
fragment_table. All users of fragment_table_3 are local to this file
/external/squashfs-tools/squashfs-tools/unsquash-2.c
ed4d023d3a0de320b54378ab09148756ad17c039 14-Mar-2009 plougher <plougher> 2.0 layout specific functions
/external/squashfs-tools/squashfs-tools/unsquash-2.c