grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] fix an infinite loop with a corrupted pc partition table

From: Pavel Roskin
Subject: Re: [PATCH] fix an infinite loop with a corrupted pc partition table
Date: Fri, 24 Jul 2009 15:56:32 -0400 
On Fri, 2009-07-24 at 18:58 +0200, Felix Zielcke wrote:
> With this [0] partition table grub-probe currently loops forever:
> 
> kern/disk.c:389: Reading `hd1'...
> partmap/pc.c:142: partition 0: flag 0x0, type 0x5, start 0x0, len
> 0x11177330

That's so evil!

> This patch fixes it, but probable there's a better fix.

We could require that all references to extended partitions are only
considered if they lead to a sector after the one currently being
processed.

Actually, no partition table should point to any partition (extended or
not) in an earlier sector, but it's enough to exclude backward links
between extended partitions to break the loop.

ChangeLog:

        * partmap/pc.c (pc_partition_map_iterate): Only allow references
        to subsequent sectors in extended partition entries.
---
 partmap/pc.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/partmap/pc.c b/partmap/pc.c
index 6f68ecf..cd119c0 100644
--- a/partmap/pc.c
+++ b/partmap/pc.c
@@ -208,7 +208,13 @@ pc_partition_map_iterate (grub_disk_t disk,
 
          if (grub_pc_partition_is_extended (e->type))
            {
-             p.offset = pcdata.ext_offset + grub_le_to_cpu32 (e->start);
+             grub_disk_addr_t new_offset;
+
+             /* Only allow references subsequent sectors */
+             new_offset = pcdata.ext_offset + grub_le_to_cpu32 (e->start);
+             if (new_offset <= p.offset)
+               continue;
+
              if (! pcdata.ext_offset)
                pcdata.ext_offset = p.offset;
 

-- 
Regards,
Pavel Roskin
reply via email to
[Prev in Thread] Current Thread [Next in Thread]