diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c index 5be73a5a224099c194e04dc27889a8fc33093ea9..4d22ad28ece6fcc0cd5096fc4dd792aa9ce97cee 100644 --- a/tsk/fs/hfs.c +++ b/tsk/fs/hfs.c @@ -3781,6 +3781,14 @@ hfs_load_extended_attrs(TSK_FS_FILE * fs_file, // This is the length of the useful data, not including the record header attributeLength = tsk_getu32(endian, attrData->attr_size); + // Check the attribute fits in the node + //if (recordType != HFS_ATTR_RECORD_INLINE_DATA) { + if (recOffset + keyLength + 2 + attributeLength > attrFile.nodeSize) { + error_detected(TSK_ERR_FS_READ, + "hfs_load_extended_attrs: Unable to process attribute"); + goto on_error; + } + buffer = malloc(attributeLength); if (buffer == NULL) { error_detected(TSK_ERR_AUX_MALLOC,