From 218a868e1f273a89a3ddd9b36b63ef381915bac0 Mon Sep 17 00:00:00 2001
From: esaunders <esaunders@basistech.com>
Date: Tue, 3 Dec 2019 14:11:44 -0500
Subject: [PATCH] Check that the allocated node is large enough to be treated
 as a hfs_btree_key_cat.

---
 tsk/fs/hfs.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
index 8c268a53e..afddad87e 100755
--- a/tsk/fs/hfs.c
+++ b/tsk/fs/hfs.c
@@ -953,6 +953,15 @@ hfs_cat_traverse(HFS_INFO * hfs,
                     return 1;
                 }
 
+                if (sizeof(hfs_btree_key_cat) > nodesize - rec_off) {
+                    tsk_error_set_errno(TSK_ERR_FS_GENFS);
+                    tsk_error_set_errstr
+                    ("hfs_cat_traverse: record %d in index node %d truncated",
+                        rec, cur_node);
+                    free(node);
+                    return 1;
+                }
+
                 key = (hfs_btree_key_cat *) & node[rec_off];
 
                 keylen = 2 + tsk_getu16(hfs->fs_info.endian, key->key_len);
-- 
GitLab