Validate the main MBR minimally; if it does not have the AA55 thingy we must

not read garbage values as partitions... which we then put into the spoofed
label... and which would lead disklabel -A to make surprising decisions.
earlier versions which did too much validation tested by many

1 files changed, 11 insertions, 7 deletions

diff --git a/sys/kern/subr_disk.c b/sys/kern/subr_disk.c
index a42e3e3ba09..65707d76ba9 100644
--- a/sys/kern/subr_disk.c
+++ b/sys/kern/subr_disk.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: subr_disk.c,v 1.87 2009/05/13 01:14:19 deraadt Exp $	*/
+/*	$OpenBSD: subr_disk.c,v 1.88 2009/05/15 01:57:16 deraadt Exp $	*/
 /*	$NetBSD: subr_disk.c,v 1.17 1996/03/16 23:17:08 christos Exp $	*/
 
 /*
@@ -415,6 +415,16 @@ readdoslabel(struct buf *bp, void (*strat)(struct buf *),
 
 		bcopy(bp->b_data + offset, dp, sizeof(dp));
 
+		if (n == 0 && part_blkno == DOSBBSECTOR) {
+			u_int16_t fattest;
+
+			/* Check the end of sector marker. */
+			fattest = ((bp->b_data[510] << 8) & 0xff00) |
+			    (bp->b_data[511] & 0xff);
+			if (fattest != 0x55aa)
+				goto notfat;
+		}
+
 		if (ourpart == -1) {
 			/* Search for our MBR partition */
 			for (dp2=dp, i=0; i < NDOSPART && ourpart == -1;
@@ -554,12 +564,6 @@ donot:
 		if (fattest < 512 || fattest > 4096 || (fattest % 512 != 0))
 			goto notfat;
 
-		/* Check the end of sector marker. */
-		fattest = ((bp->b_data[510] << 8) & 0xff00) |
-		    (bp->b_data[511] & 0xff);
-		if (fattest != 0x55aa)
-			goto notfat;
-
 		/* Looks like a FAT filesystem. Spoof 'i'. */
 		DL_SETPSIZE(&lp->d_partitions['i' - 'a'],
 		    DL_GETPSIZE(&lp->d_partitions[RAW_PART]));