A fuzzed HFS+ filesystem had log2blocksize = 22. This gave
log2blocksize + GRUB_DISK_SECTOR_BITS = 31. 1 << 31 = 0x80000000,
which is -1 as an int. This caused some wacky behavior later on in
the function, leading to out-of-bounds writes on the destination buffer.

Catch log2blocksize + GRUB_DISK_SECTOR_BITS >= 31. We could be stricter,
but this is the minimum that will prevent integer size weirdness.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
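
The bound described in the message above, as an added example that is not GRUB's code: a block-size shift is validated before it is computed in a signed int. The helper names are hypothetical, and SECTOR_BITS = 9 is an assumption taken from the message's arithmetic (22 + 9 = 31).

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-in for GRUB_DISK_SECTOR_BITS, implied by 22 + 9 = 31. */
#define SECTOR_BITS 9

/* Hypothetical helper: does 2^shift fit in a 32-bit signed int?
   Computed in 64 bits so the test itself cannot overflow. */
static int fits_in_int32(uint32_t shift)
{
  return shift < 63 && (INT64_C(1) << shift) <= INT32_MAX;
}

/* Hypothetical helper: turn an untrusted log2 block size (in sectors)
   into a byte count. Returns 0 on success, -1 if the value is rejected. */
static int checked_block_bytes(uint32_t log2blocksize, int *bytes_out)
{
  /* Same bound as "log2blocksize + SECTOR_BITS >= 31", written without
     the addition so a huge on-disk value cannot wrap the sum. */
  if (log2blocksize >= 31 - SECTOR_BITS)
    return -1;

  /* The shift count is now at most 30, so the int result is positive. */
  *bytes_out = 1 << (log2blocksize + SECTOR_BITS);
  return 0;
}

int main(void)
{
  /* Constructed sample values: a common size, the largest accepted
     size, the fuzzed value from the message, and an extreme value. */
  const uint32_t samples[] = { 3, 21, 22, 0xFFFFFFFFu };

  for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
    {
      int bytes = 0;
      if (checked_block_bytes(samples[i], &bytes) == 0)
        printf("log2blocksize=%u -> %d bytes\n", (unsigned) samples[i], bytes);
      else
        printf("log2blocksize=%u rejected (2^31 fits in int: %d)\n",
               (unsigned) samples[i], fits_in_int32(31));
    }
  return 0;
}
```
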
Recent tests have discovered that many of our filesystems have flawed
handling of "." and "..". Rather than attempting to fix it in filesystems
themselves, make the common code fshelp aware of "." and ".." and handle
them in this layer. Add grub_fshelp_find_file_lookup for easy conversion
of BFS, HFS and exFAT which have the same problem and don't use fshelp.

* grub-core/fs/affs.c (grub_affs_read_file): Use grub_off_t for offset.
* grub-core/fs/afs.c (grub_afs_read_file): Likewise.
* grub-core/fs/fshelp.c (grub_fshelp_find_file): Remove leftover
variable.
* grub-core/fs/hfs.c (grub_hfs_read_file): Use grub_off_t for offset
and connected types.
* grub-core/fs/nilfs2.c (grub_nilfs2_read_file): Use grub_off_t for
offset.
(grub_nilfs2_iterate_dir): Use grub_off_t for fpos.
* grub-core/fs/sfs.c (grub_sfs_read_file): Use grub_off_t for offset.
* grub-core/fs/ufs.c (grub_ufs_read_file): Use grub_off_t for offset
and connected types.