Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / 11c8dd36edcc82564a19dbd0103302df66d66db0
commit11c8dd36edcc82564a19dbd0103302df66d66db0[log] [tgz]
authorStefano Babic <sbabic@denx.de>Wed Oct 20 08:51:45 2010 +0200
committerWolfgang Denk <wd@denx.de>Wed Oct 20 09:14:38 2010 +0200
treeb2e6607a5d313a9185d8c1f961b4a9f50a1c6a38
parent70994c79caec0b0304aa87d9695c79f1862ea340 [diff]
FAT: buffer overflow with FAT12/16

Last commit 3831530dcb7b71329c272ccd6181f8038b6a6dd0a was intended
"explicitly specify FAT12/16 root directory parsing buffer size, instead
of relying on cluster size". Howver, the underlying function requires
the size of the buffer in blocks, not in bytes, and instead of passing
a double sector size a request for 1024 blocks is sent. This generates
a buffer overflow with overwriting of other structure (in the case seen,
USB structures were overwritten).

Signed-off-by: Stefano Babic <sbabic@denx.de>
CC: Mikhail Zolotaryov <lebon@lebon.org.ua>
1 file changed
tree: b2e6607a5d313a9185d8c1f961b4a9f50a1c6a38
  1. api/
  2. arch/
  3. board/
  4. common/
  5. disk/
  6. doc/
  7. drivers/
  8. examples/
  9. fs/
  10. include/
  11. lib/
  12. nand_spl/
  13. net/
  14. onenand_ipl/
  15. post/
  16. tools/
  17. .gitignore
  18. boards.cfg
  19. config.mk
  20. COPYING
  21. CREDITS
  22. MAINTAINERS
  23. MAKEALL
  24. Makefile
  25. mkconfig
  26. README
  27. rules.mk
  28. snapshot.commit