From bd3bc0462e105af49ba8048aee0de9068f230fea Mon Sep 17 00:00:00 2001
From: apriestman <apriestman@basistech.com>
Date: Tue, 12 Jul 2022 15:01:23 -0400
Subject: [PATCH] Check whether the max path length is exceeded and record the
file path. Add check on sector size to avoid possible seg fault.
---
tsk/fs/logical_fs.cpp | 16 ++++++++++++++++
tsk/img/img_io.c | 4 +++-
tsk/img/logical_img.c | 4 +++-
3 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/tsk/fs/logical_fs.cpp b/tsk/fs/logical_fs.cpp
index d39846904..620547e83 100644
--- a/tsk/fs/logical_fs.cpp
+++ b/tsk/fs/logical_fs.cpp
@@ -309,6 +309,14 @@ load_dir_and_file_lists_win(const TSK_TCHAR *base_path, vector<wstring>& file_na
return TSK_ERR;
}
+ if (TSTRLEN(search_path_wildcard) >= MAX_PATH) {
+ free(search_path_wildcard);
+ tsk_error_reset();
+ tsk_error_set_errno(TSK_ERR_FS_GENFS);
+ tsk_error_set_errstr("load_dir_and_file_lists: Error looking up contents of directory (path too long) %" PRIttocTSK, base_path);
+ return TSK_ERR;
+ }
+
// Look up all files and folders in the base directory
hFind = ::FindFirstFile(search_path_wildcard, &fd);
if (hFind != INVALID_HANDLE_VALUE) {
@@ -764,6 +772,14 @@ logicalfs_file_add_meta(TSK_FS_INFO *a_fs, TSK_FS_FILE * a_fs_file,
#ifdef TSK_WIN32
// Load the file
+ if (TSTRLEN(path) >= MAX_PATH) {
+ free(path);
+ tsk_error_reset();
+ tsk_error_set_errno(TSK_ERR_FS_GENFS);
+ tsk_error_set_errstr("load_dir_and_file_lists: Error looking up contents of directory (path too long) %" PRIttocTSK, path);
+ return TSK_ERR;
+ }
+
WIN32_FIND_DATA fd;
HANDLE hFind = ::FindFirstFile(path, &fd);
if (hFind != INVALID_HANDLE_VALUE) {
diff --git a/tsk/img/img_io.c b/tsk/img/img_io.c
index a8c54b3c0..dd84b24c6 100755
--- a/tsk/img/img_io.c
+++ b/tsk/img/img_io.c
@@ -21,7 +21,7 @@ static ssize_t tsk_img_read_no_cache(TSK_IMG_INFO * a_img_info, TSK_OFF_T a_off,
/* Some of the lower-level methods like block-sized reads.
* So if the len is not that multiple, then make it. */
- if (a_len % a_img_info->sector_size) {
+ if ((a_img_info->sector_size > 0) && (a_len % a_img_info->sector_size)) {
char *buf2 = a_buf;
size_t len_tmp;
@@ -91,6 +91,7 @@ tsk_img_read(TSK_IMG_INFO * a_img_info, TSK_OFF_T a_off,
// maps to an int64 we prefer it over size_t although likely checking
// for ( a_len > SSIZE_MAX ) is better but the code does not seem to
// use that approach.
+
if ((TSK_OFF_T) a_len < 0) {
tsk_error_reset();
tsk_error_set_errno(TSK_ERR_IMG_ARG);
@@ -212,6 +213,7 @@ tsk_img_read(TSK_IMG_INFO * a_img_info, TSK_OFF_T a_off,
// since read_count is used in the calculation it may not be negative.
// Also it does not make sense to copy data when the read_count is 0.
if (read_count > 0) {
+
TSK_OFF_T rel_off = 0;
a_img_info->cache_age[cache_next] = CACHE_AGE;
a_img_info->cache_len[cache_next] = read_count;
diff --git a/tsk/img/logical_img.c b/tsk/img/logical_img.c
index c687fe8d5..faf227674 100644
--- a/tsk/img/logical_img.c
+++ b/tsk/img/logical_img.c
@@ -79,7 +79,9 @@ logical_close(TSK_IMG_INFO * img_info)
static ssize_t
logical_read(TSK_IMG_INFO * img_info, TSK_OFF_T offset, char *buf, size_t len)
{
- printf("Logical image read not supported\n");
+ tsk_error_reset();
+ tsk_error_set_errno(TSK_ERR_IMG_READ);
+ tsk_error_set_errstr("logical_read: Logical image read is not supported");
return 0;
}
--
GitLab