diff --git a/ChangeLog b/ChangeLog index c64c63b48..6809db62d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2011-12-25 Vladimir Serbinenko + + * grub-core/fs/hfs.c (grub_hfs_dir): Cap keylen to actually available + space to avoid overflows. + (grub_hfs_label): Convert from macroman to UTF-8. + 2011-12-25 Vladimir Serbinenko * grub-core/fs/affs.c (grub_affs_label): Interpret label as latin1. diff --git a/grub-core/fs/hfs.c b/grub-core/fs/hfs.c index 4474ebef7..8979831b7 100644 --- a/grub-core/fs/hfs.c +++ b/grub-core/fs/hfs.c @@ -1145,14 +1145,15 @@ grub_hfs_dir (grub_device_t device, const char *path, int dir_hook (struct grub_hfs_record *rec) { - char fname[32 * MAX_UTF8_PER_MAC_ROMAN] = { 0 }; struct grub_hfs_dirrec *drec = rec->data; struct grub_hfs_filerec *frec = rec->data; struct grub_hfs_catalog_key *ckey = rec->key; + char fname[sizeof (ckey->str) * MAX_UTF8_PER_MAC_ROMAN + 1] = { 0 }; struct grub_dirhook_info info; grub_memset (&info, 0, sizeof (info)); - macroman_to_utf8 (fname, ckey->str, ckey->strlen); + macroman_to_utf8 (fname, ckey->str, grub_min (ckey->strlen, + sizeof (ckey->str))); info.case_insensitive = 1; @@ -1270,8 +1271,14 @@ grub_hfs_label (grub_device_t device, char **label) data = grub_hfs_mount (device->disk); if (data) - *label = grub_strndup ((char *) (data->sblock.volname + 1), - *data->sblock.volname); + { + grub_size_t len = grub_min (sizeof (data->sblock.volname) - 1, + data->sblock.volname[0]); + *label = grub_malloc (len * MAX_UTF8_PER_MAC_ROMAN + 1); + if (*label) + macroman_to_utf8 (*label, data->sblock.volname + 1, + len + 1); + } else *label = 0;