Re: [PATCH v2 2/7] udf: Check output buffer length when converting name to CS0

From: Jan Kara
Date: Mon Jan 04 2016 - 12:19:05 EST

Next message: Marcelo Tosatti: "Re: [RFD] CAT user space interface revisited"
Previous message: Loan Service: "[no subject]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu 24-12-15 10:25:33, Andrew Gabbasov wrote:
> If a name contains at least some characters with Unicode values
> exceeding single byte, the CS0 output should have 2 bytes per character.
> And if other input characters have single byte Unicode values, then
> the single input byte is converted to 2 output bytes, and the length
> of output becomes larger than the length of input. And if the input
> name is long enough, the output length may exceed the allocated buffer
> length.
>
> All this means that conversion from UTF8 or NLS to CS0 requires
> checking of output length in order to stop when it exceeds the given
> output buffer size.
>
> Signed-off-by: Andrew Gabbasov <andrew_gabbasov@xxxxxxxxxx>

I have taken this patch to my tree with a slight modification that
udf_xxxtoCS0 functions return 0 when they would need to truncate the name.
That way we properly return ENAMETOOLONG when user tries to create name we
cannot store instead of silently truncating it.

Honza
> ---
> fs/udf/unicode.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/fs/udf/unicode.c b/fs/udf/unicode.c
> index 95a224b..155f912 100644
> --- a/fs/udf/unicode.c
> +++ b/fs/udf/unicode.c
> @@ -177,17 +177,18 @@ int udf_CS0toUTF8(struct ustr *utf_o, const struct ustr *ocu_i)
> static int udf_UTF8toCS0(dstring *ocu, struct ustr *utf, int length)
> {
> unsigned c, i, max_val, utf_char;
> - int utf_cnt, u_len;
> + int utf_cnt, u_len, u_ch;
>
> memset(ocu, 0, sizeof(dstring) * length);
> ocu[0] = 8;
> max_val = 0xffU;
> + u_ch = 1;
>
> try_again:
> u_len = 0U;
> utf_char = 0U;
> utf_cnt = 0U;
> - for (i = 0U; i < utf->u_len; i++) {
> + for (i = 0U; (i < utf->u_len) && ((u_len + 1 + u_ch) < length); i++) {
> c = (uint8_t)utf->u_name[i];
>
> /* Complete a multi-byte UTF-8 character */
> @@ -229,6 +230,7 @@ try_again:
> if (max_val == 0xffU) {
> max_val = 0xffffU;
> ocu[0] = (uint8_t)0x10U;
> + u_ch = 2;
> goto try_again;
> }
> goto error_out;
> @@ -299,15 +301,16 @@ static int udf_NLStoCS0(struct nls_table *nls, dstring *ocu, struct ustr *uni,
> int len;
> unsigned i, max_val;
> uint16_t uni_char;
> - int u_len;
> + int u_len, u_ch;
>
> memset(ocu, 0, sizeof(dstring) * length);
> ocu[0] = 8;
> max_val = 0xffU;
> + u_ch = 1;
>
> try_again:
> u_len = 0U;
> - for (i = 0U; i < uni->u_len; i++) {
> + for (i = 0U; (i < uni->u_len) && ((u_len + 1 + u_ch) < length); i++) {
> len = nls->char2uni(&uni->u_name[i], uni->u_len - i, &uni_char);
> if (!len)
> continue;
> @@ -320,6 +323,7 @@ try_again:
> if (uni_char > max_val) {
> max_val = 0xffffU;
> ocu[0] = (uint8_t)0x10U;
> + u_ch = 2;
> goto try_again;
> }
>
> --
> 2.1.0
>
>
--
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Marcelo Tosatti: "Re: [RFD] CAT user space interface revisited"
Previous message: Loan Service: "[no subject]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]