public inbox for devel@edk2.groups.io
From: "Savva Mitrofanov" <savvamtr@gmail.com>
To: devel@edk2.groups.io
Cc: "Marvin Häuser" <mhaeuser@posteo.de>,
	"Pedro Falcato" <pedro.falcato@gmail.com>,
	"Vitaly Cheptsov" <vit9696@protonmail.com>
Subject: [edk2-platforms][PATCH v2 09/11] Ext4Pkg: Check that source file is directory in Ext4OpenInternal
Date: Mon, 12 Dec 2022 20:46:52 +0600
Message-ID: <20221212144654.2650-10-savvamtr@gmail.com>
In-Reply-To: <20221212144654.2650-1-savvamtr@gmail.com>

This check is already present in the while loop below, but absent for cases
when the input file is nameless, so to handle the assertion in Ext4ReadFile we
need to add it at the top of the function.

Cc: Marvin Häuser <mhaeuser@posteo.de>
Cc: Pedro Falcato <pedro.falcato@gmail.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Fixes: e55f0527dde48a5f139c1b8f35acc4e6b59dd794
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
---
 Features/Ext4Pkg/Ext4Dxe/File.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/Features/Ext4Pkg/Ext4Dxe/File.c b/Features/Ext4Pkg/Ext4Dxe/File.c
index 04198a53bfc0..20a0194a5793 100644
--- a/Features/Ext4Pkg/Ext4Dxe/File.c
+++ b/Features/Ext4Pkg/Ext4Dxe/File.c
@@ -207,6 +207,11 @@ Ext4OpenInternal (
   Level     = 0;
 
   DEBUG ((DEBUG_FS, "[ext4] Ext4OpenInternal %s\n", FileName));
+
+  if (!Ext4FileIsDir (Current)) {
+    return EFI_INVALID_PARAMETER;
+  }
+
   // If the path starts with a backslash, we treat the root directory as the base directory
   if (FileName[0] == L'\\') {
     FileName++;
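Review bot: The new Ext4FileIsDir (Current) check at the top of the function runs before the `FileName[0] == L'\\'` branch, whose comment says the root directory is treated as the base directory for such paths. An open with an absolute path through a non-directory handle is therefore rejected with EFI_INVALID_PARAMETER even though that handle would not be the base of the walk. If this is intended, say so in a comment above the check; otherwise move the check after the branch so it applies to the directory that is actually walked. A one-line comment naming the nameless-file case from the commit message would also help, since nothing in the code explains why the check is needed at function entry.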
@@ -219,6 +224,10 @@ Ext4OpenInternal (
       return EFI_ACCESS_DENIED;
     }
 
+    if (!Ext4FileIsDir (Current)) {
+      return EFI_INVALID_PARAMETER;
+    }
+
     // Discard leading path separators
     while (FileName[0] == L'\\') {
       FileName++;
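Review bot: The check added after the EFI_ACCESS_DENIED return now runs before the leading separators are discarded and before the path segment is extracted, whereas the removed copy ran after the "Opening" debug print. That changes which inputs reach the rejection, so please confirm that a path whose remaining text is only separators (for example a trailing `\` after a regular file name) still returns the result you want, and state the expected behaviour in a comment. On the first pass this also repeats the function-entry check on the same Current unless the backslash branch replaced it; a short comment on which of the two checks covers which case would keep a later cleanup from removing the wrong one.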
@@ -242,10 +251,6 @@ Ext4OpenInternal (
 
     DEBUG ((DEBUG_FS, "[ext4] Opening %s\n", PathSegment));
 
-    if (!Ext4FileIsDir (Current)) {
-      return EFI_INVALID_PARAMETER;
-    }
-
     if (!Ext4IsLastPathSegment (FileName)) {
       if (!Ext4DirCanLookup (Current)) {
         return EFI_ACCESS_DENIED;
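Review bot: With the check removed from below the `[ext4] Opening %s` DEBUG line and re-added earlier in the function, a rejection for a non-directory Current no longer leaves a DEBUG_FS trace of which segment was refused. Consider adding a DEBUG ((DEBUG_FS, ...)) line at the new check so this EFI_INVALID_PARAMETER return can be told apart from the other failure paths in a log.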
-- 
2.38.1


Thread overview: 13+ messages
2022-12-12 14:46 [edk2-platforms][PATCH v2 00/11] Ext4Pkg: Code correctness and security improvements Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 01/11] Ext4Pkg: Fix memory leak in Ext4RetrieveDirent Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 02/11] Ext4Pkg: Move EXT4_NAME_MAX definition to Ext4Disk.h Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 03/11] Ext4Pkg: Fix global buffer overflow in Ext4ReadDir Savva Mitrofanov
2022-12-16 16:03   ` Marvin Häuser
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 04/11] Ext4Pkg: Fix incorrect checksum metadata feature check Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 05/11] Ext4Pkg: Fix division by zero by adding check for s_inodes_per_group Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 06/11] Ext4Pkg: Add inode number validity check Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 07/11] Ext4Pkg: Fix shift out of bounds in Ext4OpenSuperblock Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 08/11] Ext4Pkg: Corrects integer overflow check logic in DiskUtil Savva Mitrofanov
2022-12-12 14:46 ` Savva Mitrofanov [this message]
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 10/11] Ext4Pkg: Check VolumeName allocation correctness in Ext4GetVolumeName Savva Mitrofanov
2022-12-12 14:46 ` [edk2-platforms][PATCH v2 11/11] Ext4Pkg: Add missing exit Status in Ext4OpenDirent Savva Mitrofanov
