0004-lib-fs-resize-Prevent-crash-resizing-FAT16-file-syst.patch

   1 From 1e9e770f4bc7f3d80e09ecd1df58575fad064163 Mon Sep 17 00:00:00 2001
   2 From: Mike Fleetwood <mike.fleetwood@googlemail.com>
   3 Date: Sun, 28 Sep 2014 16:15:48 +0100
   4 Subject: [PATCH 4/6] lib-fs-resize: Prevent crash resizing FAT16 file systems
   5
   6 Resizing FAT16 file system crashes in libparted/fs/r/fat/resize.c
   7 create_resize_context() because it was dereferencing NULL pointer
   8 fs_info->info_sector to copy the info_sector.
   9
  10 Only FAT32 file systems have info_sector populated by fat_open() ->
  11 fat_info_sector_read().  FAT12 and FAT16 file systems don't have an
  12 info_sector so pointer fs_info->info_sector remains assigned NULL from
  13 fat_alloc().  When resizing a FAT file system create_resize_context()
  14 was always dereferencing fs_info->info_sector to memory copy the
  15 info_sector, hence it crashed for FAT12 and FAT16.
  16
  17 Make create_resize_context() only copy the info_sector for FAT32 file
  18 systems.
  19
  20 Reported by Christian Hesse in
  21 https://bugzilla.gnome.org/show_bug.cgi?id=735669
  22 ---
  23  NEWS                        |  4 ++++
  24  libparted/fs/r/fat/resize.c | 12 +++++++++---
  25  2 files changed, 13 insertions(+), 3 deletions(-)
  26
  27 diff --git a/NEWS b/NEWS
  28 index 297b0a5..da7db50 100644
  29 --- a/NEWS
  30 +++ b/NEWS
  31 @@ -2,6 +2,10 @@ GNU parted NEWS                                    -*- outline -*-
  32
  33  * Noteworthy changes in release ?.? (????-??-??) [?]
  34
  35 +** Bug Fixes
  36 +
  37 +  libparted-fs-resize: Prevent crash resizing FAT16 file systems.
  38 +
  39
  40  * Noteworthy changes in release 3.2 (2014-07-28) [stable]
  41
  42 diff --git a/libparted/fs/r/fat/resize.c b/libparted/fs/r/fat/resize.c
  43 index 919acf0..bfe60a0 100644
  44 --- a/libparted/fs/r/fat/resize.c
  45 +++ b/libparted/fs/r/fat/resize.c
  46 @@ -668,11 +668,17 @@ create_resize_context (PedFileSystem* fs, const PedGeometry* new_geom)
  47
  48  /* preserve boot code, etc. */
  49         new_fs_info->boot_sector = ped_malloc (new_geom->dev->sector_size);
  50 -       new_fs_info->info_sector = ped_malloc (new_geom->dev->sector_size);
  51         memcpy (new_fs_info->boot_sector, fs_info->boot_sector,
  52                 new_geom->dev->sector_size);
  53 -       memcpy (new_fs_info->info_sector, fs_info->info_sector,
  54 -               new_geom->dev->sector_size);
  55 +       new_fs_info->info_sector = NULL;
  56 +       if (fs_info->fat_type == FAT_TYPE_FAT32)
  57 +       {
  58 +               PED_ASSERT (fs_info->info_sector != NULL);
  59 +               new_fs_info->info_sector =
  60 +                       ped_malloc (new_geom->dev->sector_size);
  61 +               memcpy (new_fs_info->info_sector, fs_info->info_sector,
  62 +                       new_geom->dev->sector_size);
  63 +       }
  64
  65         new_fs_info->logical_sector_size = fs_info->logical_sector_size;
  66         new_fs_info->sector_count = new_geom->length;
  67 --
  68 1.9.3
  69