Re: [Libcdio-devel] buffer overflow/memory corruption in udf_readdir()

[Rocky Bernstein]

On Tue, Jan 17, 2012 at 10:29 AM, Thomas Schmitt <address@hidden> wrote:

> Hi,
>
> > I'd have to considerably ramp up my knowledge on those, as it is
> currently
> > nil...
>
> I have a note sheet with pointers into ECMA-167 and UDF-2.60 and lots of
> question marks. (Plus a copy of the interesting stair shaped ASCII painting
> at the beginning of libcdio's udf_fs.c)
>
> If you happen to need a description of UDF, then we have a common
> interest and should cooperate on collecting facts. (E.g. i only have
> UDFs from mkisofs and from the Linux kernel. The specs leave enough
> room for surprises in examples from other producers.)
>
>
> > Have you had a look at what 7-zip source does (7z/CPP/7zip/Archive/Udf/)?
>
> That would be a source of information for the description.
> Google found me
> https://bitbucket.org/gongminmin/klayge/src/606b64ac900a/External/7z/CPP/7zip/Archive/Udf
> ... ahum ... the stair painting seems to fit into UdfIn.cpp
> enum EDescriptorType. (Riddling about libcdio "Root Dir File Entry" and
> "File data", though.)
>
> C++ is hard to decode for me. Well, if nothing else helps, one will have
> to determine what this code does and how it relates to the specs.
>
> First one should explore (exploit ?) the libcdio code, of course.
> Linux kernel code and docs could be interesting too.
>
>
> From such a description it would be quite straightforward to fix problems
> in libcdio or to implement own UDF software.
>

And I don't mind helping out in little ways. But others have to take the
lead on this, especially as I have no personal interest or need for UDF
support.

(Again with respect to helping out in little ways, I'll point to the recent
addition of abs_path.c for greenleon which I did because of his
contribution toward fixing up cd-text - something I also have no personal
interest or need for.)



>
>
> Have a nice day :)
>
> Thomas
>
>
>