| e1542da6a3f99db8dc60b5cad891547e047861b7 |
|
01-Feb-2013 |
Phillip Lougher <phillip@squashfs.org.uk> |
unsquashfs: fix read_directory_table() parameter
sBlk.s.fragment_table_start isn't the end of the
directory table, it instead points to the
fragment_index_table, in which the first index of that
points to the end of the directory table. The only exception
to that is where fragments == 0, where fragment_table_start
does represent the end of the directory table.
The upshot of this is that for years Unsquashfs has been
reading and decompressing the directory_table and the
table after it. Not a major bug, but a waste of memory
all the same.
It has shown up now because of the additional sanity checks
when reading metadata blocks that have been added recently,
where all metadata blocks in the directory table bar the last one
should be SQUASHFS_METADATA_SIZE in size.
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| d254c58e4a85fa0141cd7dd085a8c2f4d6793a02 |
|
28-Jan-2013 |
Phillip Lougher <phillip@squashfs.org.uk> |
unsquash-3: harden fragment table reading against corrupted filesystems
Harden fragment table reading, checking against unexpected metadata
block length, ensuring no buffer overflow/underflow occurs.
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| cf5c8b43f14bad020372fe55fb237eb2ae2b28d4 |
|
25-Jan-2013 |
Phillip Lougher <phillip@squashfs.org.uk> |
unsquashfs: prevent buffer {over|under}flow in read_block() with corrupted filesystems
Prevent buffer overflow and underflow in read_block() with corrupted
filesystems.
Overflow is easy to understand, read_block() is called to read the next
metadata block pointed to by <start>... Often the buffer passed in is
large enough to hold the expected return bytes, which can be less than
SQUASHFS_METADATA_SIZE. For example filesystem tables are compressed
in SQUASHFS_METADATA_SIZEd chunks, the last compressed chunk will normally
be smaller than SQUASHFS_METADATA_SIZE, so when read_block() is called,
the passed buffer is only large enough to hold the expected size.
Underflow is rather more subtle, when read_block() is called, it is
expected that the returned block will fill the expected amount of
bytes in the filesystem table (stored as an array). If the returned
block is smaller than expected, then there will be uninitialised
data in the filesystem table which will cause unexpected behaviour later.
Fix both cases by passing in an additional parameter <expected>
which contains the expected number of bytes in the metadata block.
Refuse to read blocks which are larger than expected to avoid
buffer overflow and also return error if the block proves to be
smaller than expected, to avoid using unitialised data.
For the callers where the expected number of bytes is unknown support
<expected> containing 0, in which case the metadata block is checked to
ensure it doesn't overflow a SQUASHFS_METADATA_SIZEd buffer. Callers of
read_block() with <expected> == 0 are expected to pass in a
SQUASHFS_METADATA_SIZEd buffer. For instance with compressor specific
options data, the correct length is only known by the compressor specific
code, and this is later called to check the length.
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 83d42a3fc898962aa1f1e8387f2ccb1114e0d294 |
|
01-Nov-2012 |
Phillip Lougher <phillip@squashfs.org.uk> |
Update email address
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 8db6d288d01afc5464965b0bde8106cd7360c543 |
|
16-Oct-2012 |
Phillip Lougher <phillip@squashfs.org.uk> |
Update copyright dates
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 916c28e94a1e7c16e06811ba0f8b23e428597bcb |
|
19-Jan-2012 |
Phillip Lougher <phillip@squashfs.org.uk> |
unsquashfs: completely empty filesystems incorrectly generate an error
In squashfs_opendir() if the directory is empty, skip the
unnecessary lookup_entry, this fixes the corner case with
completely empty filesystems where lookup_entry correctly
returning -1 is incorrectly treated as an error
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| cc7cea5b0d004fbaaf5e1060e6ed0fa9367e7ef0 |
|
13-Mar-2011 |
Phillip Lougher <phillip@lougher.demon.co.uk> |
unsquashfs: add checks for corrupted data in opendir functions
Add checks for corrupted data in squashfs_opendir (squashfs_opendir_1,
squashfs_opendir_3 and squashfs_opendir_4), and check for this in
pre_scan() and dir_scan().
Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 2625a3d8f39b94c4841bd605361f4b575b0dc1a5 |
|
31-Dec-2010 |
plougher <plougher> |
get rid of squashfs_fragment_index typedef
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 357dd102147ef55f1b1768322763e5d77770b056 |
|
31-Dec-2010 |
plougher <plougher> |
get rid of union squashfs_inode_header_3 typedef
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| cc8c394881f08d3a0a7c080f1be17a226136ce4f |
|
16-Dec-2010 |
plougher <plougher> |
Move dir assignment out of if in squashfs_opendir_3()
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 24fe7c7d9cd2fb5c39c66a95e74dd07884f2462b |
|
16-Dec-2010 |
plougher <plougher> |
Move fragment_table assignment out of if in read_fragment_table_3()
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| f2c8b3ecba4b9bdb74f3a178bf7c32a67ec90511 |
|
24-Oct-2010 |
plougher <plougher> |
Fix block calculation error with regular files when file size is
between 2^32-block_size+1 and 2^32-1
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 3c13c3362c168c1106c98b271f557bf02ff6ebc1 |
|
25-Aug-2010 |
plougher <plougher> |
Fix copyright dates - these files didn't exist before 2009, although
strictly speaking some of the code did in unsquashfs.c
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| bf5367daab5bd68959bf2b6c85f4df42783639a6 |
|
22-Jul-2010 |
plougher <plougher> |
Wrap some lines
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| e5c36b7d7f5bfd2b1426900c4bc3118889c78a9d |
|
22-Jul-2010 |
plougher <plougher> |
Make opendir_3 abort on malloc and realloc failure
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 1c19618b8016d1c35528c77eebc5fde8fc36309c |
|
22-Jul-2010 |
plougher <plougher> |
Abort if the mapping from deirectory start block to uncompressed block in
memory cannot be found. This is indicative of a corrupt filesystem and it
is pointless to continue
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 366afb0f46069111985689e2c134f10837586be4 |
|
22-Jul-2010 |
plougher <plougher> |
read_inode no longer returns error, and so delete the checks in the
filesystem specific files
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| a3bbedd581c7022ae2a7b940e967ada58ca47d03 |
|
22-Jul-2010 |
plougher <plougher> |
Abort if the mapping from on disk block location to locatiion of uncompressed
block in memory cannot be found. This is indicative of a corrupt filesystem
and it is pointless to continue
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| eca8d438c9b00aaf191de7c79f845ca5122f09b2 |
|
22-Jul-2010 |
plougher <plougher> |
Abort on unknown inode, rather than just ignore it. An unknown inode is
indicative of a corrupt filesystem, and it is pointless to continue.
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 8d4404d1f63a558f4903eb8c939bd4306a805d0f |
|
21-Jul-2010 |
plougher <plougher> |
Update copyright
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| fdbbd7d7e595a227e0c259fa4afc872098c9e471 |
|
04-Jul-2010 |
plougher <plougher> |
Record the xattr in struct dir and struct squashfs_file, and pass to
set_attributes.
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 12c899489159bbf0b30054b970a96c45fa2a1035 |
|
04-Jul-2010 |
plougher <plougher> |
Add xattr field to struct inode, and add support for reading xattr in
read_inode_4. All other read_inode_x functions also now set xattr to the
invalid value.
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 27c4b6f7f6a33bf7711c0ee8cd563e4604dc5861 |
|
02-Jul-2010 |
plougher <plougher> |
Replace fields in struct super_block copied from struct squashfs_super_block
with a nested struct squashfs_super_block
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 176b325add10f6b9846f771f75d8543364d4c121 |
|
18-Jun-2010 |
plougher <plougher> |
change unsquashfs read_block to take an fd
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 3306cb2b54a60a32664617118336ac141e1471b6 |
|
18-Jun-2010 |
plougher <plougher> |
change read_fs_bytes() from taking char * to taking void *
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 86561909d9ca51a4e4ce4efcfea30b41d1d08275 |
|
18-Jun-2010 |
plougher <plougher> |
rename read_bytes() to read_fs_bytes() to be consistent with mksquashfs.
Also pass fd explicitly into function, again to be consistent with mksquashfs.
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 1f68b70c35b1332c02aa60b9aa5723e5d5732441 |
|
01-Mar-2010 |
plougher <plougher> |
Fix alignment of char buffers
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 14c6476a2d4a8a2d2265b641fdb421f875485b8d |
|
21-Apr-2009 |
plougher <plougher> |
Fix return value in read_fragment_table_3
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 3e23745c113c8e94aed1a84c1a06f407e8efa0a5 |
|
31-Mar-2009 |
plougher <plougher> |
More code tidying
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 62c03d065d9e53557248a1db83a0e1e162fc872f |
|
30-Mar-2009 |
plougher <plougher> |
Code tidy
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| d355e4a210b468b9c0f70f2af30c14892390fdd3 |
|
27-Mar-2009 |
plougher <plougher> |
read_fragment_table_3() now returns error condition
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 937157a4ded95bf695a8b537b186b3180f902827 |
|
26-Mar-2009 |
plougher <plougher> |
Remove error goto and add some TRACE and ERROR statements
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 2751b4a665ee803e2fc81fc4e41fe2a24d551125 |
|
24-Mar-2009 |
plougher <plougher> |
Set sparse field to 0 (not a sparse file).
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 3bbe1219ca9d4e3fce9c6165d400c256a5ace605 |
|
24-Mar-2009 |
plougher <plougher> |
Rather than a static string in inode structure alloc symlink as necessary
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| f708c857b59246da8529f06d7dfeabae423ba0c5 |
|
19-Mar-2009 |
plougher <plougher> |
Explicitly include "squashfs_compat.h"
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| ba9aa5b8aa52708de7790a952157f247fefeaf00 |
|
16-Mar-2009 |
plougher <plougher> |
Make fragment_table_3 static and local to this file, and rename to
fragment_table. All users of fragment_table_3 are local to this file
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| 7119573e38fe615548bb743148dd0df080bd85b6 |
|
16-Mar-2009 |
plougher <plougher> |
Fragment_table renamed to fragment_table_3
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|
| e392c7e48a139f5a2ba334a84ed391a0f137284f |
|
14-Mar-2009 |
plougher <plougher> |
3.0 layout specific functions
/external/squashfs-tools/squashfs-tools/unsquash-3.c
|