upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-19 08:25:22 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

libsa: Fix infinite loop in bzipfs & gzipfs

Browse source 
A bug in the loader's bzipfs & gzipfs filesystems caused compressed
kernel and modules not to work on EFI systems with a veriexec-enabled
loader. Since the size of files in these filesystems are not known
_a priori_ `stat` would initialize the size to -1 and the loader would
then hang in an infinite loop while trying to seek (read) to the end
of file since the loop termination condition compares the current
offset to that negative target position.

Sponsored by:	Dell EMC Isilon

(cherry picked from commit 3df4c387d2)
This commit is contained in:
David Bright 2021-05-24 12:12:15 -05:00
parent 71b88ee39f
commit 3045f4aa1a
2 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
stand/libsa/bzipfs.c
View file

@ -340,6 +340,9 @@ bzf_seek(struct open_file *f, off_t offset, int where)
target - bzf->bzf_bzstream.total_out_lo32), NULL);
if (errno)
return(-1);
/* Break out of loop if end of file has been reached. */
if (bzf->bzf_endseen)
break;
}
/* This is where we are (be honest if we overshot) */
return(bzf->bzf_bzstream.total_out_lo32);

3
stand/libsa/gzipfs.c
View file

@ -315,6 +315,9 @@ zf_seek(struct open_file *f, off_t offset, int where)
target - zf->zf_zstream.total_out), NULL);
if (errno)
return(-1);
/* Break out of loop if end of file has been reached. */
if (zf->zf_endseen)
break;
}
/* This is where we are (be honest if we overshot) */
return(zf->zf_zstream.total_out);