summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Brüns <stefan.bruens@rwth-aachen.de>2016-12-17 00:27:50 +0100
committerTom Rini <trini@konsulko.com>2016-12-27 11:24:13 -0500
commit6c1a808052ba6a875df7aa450b6df4b199f3a281 (patch)
tree92e632f3ade5970513c8e6058f3946196a19d98b
parentc99d1b3ccf8d6fda809bb391da9cde86157cc4c9 (diff)
fs/fat: Avoid corruption of sectors following the FAT
The FAT is read/flushed in segments of 6 (FATBUFBLOCKS) disk sectors. The last segment may be less than 6 sectors, cap the length. Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de> Reviewed-by: Benoît Thébaudeau <benoit.thebaudeau.dev@gmail.com>
-rw-r--r--fs/fat/fat.c1
-rw-r--r--fs/fat/fat_write.c22
2 files changed, 13 insertions, 10 deletions
diff --git a/fs/fat/fat.c b/fs/fat/fat.c
index df9f2b5656..6319581406 100644
--- a/fs/fat/fat.c
+++ b/fs/fat/fat.c
@@ -202,6 +202,7 @@ static __u32 get_fatent(fsdata *mydata, __u32 entry)
__u32 fatlength = mydata->fatlength;
__u32 startblock = bufnum * FATBUFBLOCKS;
+ /* Cap length if fatlength is not a multiple of FATBUFBLOCKS */
if (startblock + getsize > fatlength)
getsize = fatlength - startblock;
diff --git a/fs/fat/fat_write.c b/fs/fat/fat_write.c
index aab0b0e71d..4605020854 100644
--- a/fs/fat/fat_write.c
+++ b/fs/fat/fat_write.c
@@ -117,10 +117,11 @@ static int flush_dirty_fat_buffer(fsdata *mydata)
if ((!mydata->fat_dirty) || (mydata->fatbufnum == -1))
return 0;
- startblock += mydata->fat_sect;
+ /* Cap length if fatlength is not a multiple of FATBUFBLOCKS */
+ if (startblock + getsize > fatlength)
+ getsize = fatlength - startblock;
- if (getsize > fatlength)
- getsize = fatlength;
+ startblock += mydata->fat_sect;
/* Write FAT buf */
if (disk_write(startblock, getsize, bufptr) < 0) {
@@ -187,8 +188,9 @@ static __u32 get_fatent_value(fsdata *mydata, __u32 entry)
__u32 fatlength = mydata->fatlength;
__u32 startblock = bufnum * FATBUFBLOCKS;
- if (getsize > fatlength)
- getsize = fatlength;
+ /* Cap length if fatlength is not a multiple of FATBUFBLOCKS */
+ if (startblock + getsize > fatlength)
+ getsize = fatlength - startblock;
startblock += mydata->fat_sect; /* Offset from start of disk */
@@ -499,15 +501,15 @@ static int set_fatent_value(fsdata *mydata, __u32 entry, __u32 entry_value)
__u32 fatlength = mydata->fatlength;
__u32 startblock = bufnum * FATBUFBLOCKS;
- fatlength *= mydata->sect_size;
- startblock += mydata->fat_sect;
-
- if (getsize > fatlength)
- getsize = fatlength;
+ /* Cap length if fatlength is not a multiple of FATBUFBLOCKS */
+ if (startblock + getsize > fatlength)
+ getsize = fatlength - startblock;
if (flush_dirty_fat_buffer(mydata) < 0)
return -1;
+ startblock += mydata->fat_sect;
+
if (disk_read(startblock, getsize, bufptr) < 0) {
debug("Error reading FAT blocks\n");
return -1;