[gnome-games] playstation: Check boundaries of sectors to access



commit b20f70fffb0e74c3121f0994af6696cc3327fe08
Author: Adrien Plazas <kekun plazas laposte net>
Date:   Sun Jul 16 10:29:04 2017 +0200

    playstation: Check boundaries of sectors to access
    
    Check the boundaries of the sector to access: it shouldn't be negative
    and the computation of the offset of the sector shouldn't overflow.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=775255

 plugins/playstation/src/disc-image.c |   36 ++++++++++++++++++++++++++++++++-
 1 files changed, 34 insertions(+), 2 deletions(-)
---
diff --git a/plugins/playstation/src/disc-image.c b/plugins/playstation/src/disc-image.c
index bb25b2d..048865c 100644
--- a/plugins/playstation/src/disc-image.c
+++ b/plugins/playstation/src/disc-image.c
@@ -8,9 +8,15 @@
 
 /* Private */
 
+#define GAMES_DISC_IMAGE_ERROR games_disc_image_error_quark ()
+
 #define GAMES_DISC_IMAGE_FRAME_SIZE           2352
 #define GAMES_DISC_IMAGE_FRAME_HEADER_SIZE    12
 
+enum GamesDiscImageError {
+  GAMES_DISC_IMAGE_ERROR_INVALID_SECTOR,
+};
+
 typedef struct {
   const gchar        *filename;
   GamesDiscImageTime *time;
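Review bot: The new error domain is only usable inside this file, because `GAMES_DISC_IMAGE_ERROR` and `enum GamesDiscImageError` sit under `/* Private */` and the quark function added in the next hunk is `static`. Callers of games_disc_image_read_frame therefore cannot readily test for `GAMES_DISC_IMAGE_ERROR_INVALID_SECTOR` with `g_error_matches`, so a rejected sector looks like any other failure to them. If callers should tell a malformed image apart from an I/O error, the macro, the enum and a non-static quark prototype belong in the header, which is not visible here. Otherwise a comment above the macro such as `/* Error domain is file-local; callers only get the message. */` would record the intent.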
@@ -51,6 +57,12 @@ get_file_co (GamesDiscFileInfo *file_info,
   return TRUE;
 }
 
+static GQuark
+games_disc_image_error_quark (void)
+{
+  return g_quark_from_static_string ("games-disc-image-error-quark");
+}
+
 /* Public */
 
 void
@@ -88,6 +100,7 @@ games_disc_image_read_frame (GamesDiscImage            *disc,
                              GError                   **error)
 {
   gssize read;
+  gint sector;
   gsize offset;
   GError *tmp_error = NULL;
 
@@ -95,8 +108,27 @@ games_disc_image_read_frame (GamesDiscImage            *disc,
   g_return_val_if_fail (time != NULL, FALSE);
   g_return_val_if_fail (frame != NULL, FALSE);
 
-  // FIXME Check the multiplication doesn't overflow.
-  offset = games_disc_image_time_get_sector (time) * sizeof (GamesDiscFrame);
+  sector = games_disc_image_time_get_sector (time);
+  if (sector < 0) {
+    g_set_error (error,
+                 GAMES_DISC_IMAGE_ERROR,
+                 GAMES_DISC_IMAGE_ERROR_INVALID_SECTOR,
+                 "The sector index %d is inferior to 0 and hence is invalid.",
+                 sector);
+
+    return FALSE;
+  }
+
+  if (!g_size_checked_mul (&offset, sector, sizeof (GamesDiscFrame))) {
+    g_set_error (error,
+                 GAMES_DISC_IMAGE_ERROR,
+                 GAMES_DISC_IMAGE_ERROR_INVALID_SECTOR,
+                 "The sector index %d is too big to be usable and hence is invalid.",
+                 sector);
+
+    return FALSE;
+  }
+
   g_seekable_seek (G_SEEKABLE (disc->input_stream),
                    offset, G_SEEK_SET,
                    cancellable, &tmp_error);
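Review bot: The two new checks reject a negative sector and a wrapped multiplication, but nothing bounds `sector` against the length of the image. A time value from a malformed disc image (presumably where it comes from) can still yield an offset past the end of the file. Whether that is caught depends on the `g_seekable_seek` result and the read that follows being checked, which happens outside this hunk; if they are, a comment before the seek such as `/* Sectors beyond the end of the image are reported by the seek/read below. */` would make that explicit. Also, `offset` is a `gsize` while `g_seekable_seek` takes a `goffset`, so on 32-bit builds the overflow check rejects offsets above 4 GiB rather than what the stream can address, which looks harmless for CD-sized images but deserves a word in the same comment. The body of games_disc_image_read_frame starts and ends outside the hunk.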

