summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorKenneth R Westerback <krw@cvs.openbsd.org>2022-08-11 20:22:28 +0000
committerKenneth R Westerback <krw@cvs.openbsd.org>2022-08-11 20:22:28 +0000
commitcd84c72f3ff6c72bc9b2e593a95348848a9b7e26 (patch)
tree023934d1461879c6d0e83b4e521f6399faef81f1 /sys
parentf702b4c4c49c85a4dbe2d13a011cdf59030b6014 (diff)
Don't trust gpt header data read from disk until after its
validity is checked. Found the hard way by kn@ Cluebats from millert@ and deraadt@. Fix tested by and ok kn@
Diffstat (limited to 'sys')
-rw-r--r--sys/kern/subr_disk.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/sys/kern/subr_disk.c b/sys/kern/subr_disk.c
index dcb4b224d33..90bdd46d7a7 100644
--- a/sys/kern/subr_disk.c
+++ b/sys/kern/subr_disk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: subr_disk.c,v 1.249 2022/08/06 14:48:33 krw Exp $ */
+/* $OpenBSD: subr_disk.c,v 1.250 2022/08/11 20:22:27 krw Exp $ */
/* $NetBSD: subr_disk.c,v 1.17 1996/03/16 23:17:08 christos Exp $ */
/*
@@ -470,7 +470,7 @@ gpt_get_hdr(struct buf *bp, void (*strat)(struct buf *), struct disklabel *lp,
uint64_t partlba;
uint64_t lbaend, lbastart;
uint32_t csum;
- uint32_t size, partsize, partspersec;
+ uint32_t size, partsize;
error = readdisksector(bp, strat, lp, sector);
@@ -481,14 +481,13 @@ gpt_get_hdr(struct buf *bp, void (*strat)(struct buf *), struct disklabel *lp,
size = letoh32(ngh.gh_size);
partsize = letoh32(ngh.gh_part_size);
- partspersec = lp->d_secsize / partsize;
partlba = letoh64(ngh.gh_part_lba);
lbaend = letoh64(ngh.gh_lba_end);
lbastart = letoh64(ngh.gh_lba_start);
csum = ngh.gh_csum;
ngh.gh_csum = 0;
- ngh.gh_csum = htole32(crc32(0, (unsigned char *)&ngh, size));
+ ngh.gh_csum = htole32(crc32(0, (unsigned char *)&ngh, GPTMINHDRSIZE));
if (letoh64(ngh.gh_sig) == GPTSIGNATURE &&
letoh32(ngh.gh_rev) == GPTREVISION &&
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 13:40:53 +0000