Re: [PATCH] isofs: fix undefined behavior in iso_date()

From: Dan Carpenter
Date: Mon Jul 10 2023 - 05:59:15 EST

Next message: Gao Xiang: "Re: [PATCH] erofs: fix to avoid infinite loop in z_erofs_do_read_page() when read page beyond EOF"
Previous message: Udit Kumar: "[RESEND PATCH] scsi: ufs: TI UFS host controller expose device tree aliases"
In reply to: linke li: "Re: [PATCH] isofs: fix undefined behavior in iso_date()"
Next in thread: David Laight: "RE: [PATCH] isofs: fix undefined behavior in iso_date()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It looks like maybe there is an issue with "year" as well.

fs/isofs/util.c
19 int iso_date(u8 *p, int flag)
20 {
21 int year, month, day, hour, minute, second, tz;
22 int crtime;
23
24 year = p[0];
^^^^^
year is 0-255.

25 month = p[1];
26 day = p[2];
27 hour = p[3];
28 minute = p[4];
29 second = p[5];
30 if (flag == 0) tz = p[6]; /* High sierra has no time zone */
31 else tz = 0;
32
33 if (year < 0) {
^^^^^^^^
But this checks year for < 0 which is impossible. Should it be:

year = (signed char)p[0];?

34 crtime = 0;
35 } else {
36 crtime = mktime64(year+1900, month, day, hour, minute, second);
37
38 /* sign extend */
39 if (tz & 0x80)
40 tz |= (-1 << 8);
41
42 /*

regards,
dan carpenter

Next message: Gao Xiang: "Re: [PATCH] erofs: fix to avoid infinite loop in z_erofs_do_read_page() when read page beyond EOF"
Previous message: Udit Kumar: "[RESEND PATCH] scsi: ufs: TI UFS host controller expose device tree aliases"
In reply to: linke li: "Re: [PATCH] isofs: fix undefined behavior in iso_date()"
Next in thread: David Laight: "RE: [PATCH] isofs: fix undefined behavior in iso_date()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]