Blame SOURCES/Fixed-missing-stream-length-check-in-drive_file_quer.patch
|
 |
6fe37b |
From 80b2483373c00baec3a26b1d82027f16dfdd8859 Mon Sep 17 00:00:00 2001
|
|
|
6fe37b |
From: akallabeth <akallabeth@posteo.net>
|
|
|
6fe37b |
Date: Mon, 24 Oct 2022 08:45:05 +0200
|
|
|
6fe37b |
Subject: [PATCH] Fixed missing stream length check in
|
|
|
6fe37b |
drive_file_query_directory
|
|
|
6fe37b |
|
|
|
6fe37b |
(cherry picked from commit 4e4bb79795d6ac85473fb7a83e53ccf63d204b93)
|
|
|
6fe37b |
---
|
|
|
6fe37b |
channels/drive/client/drive_main.c | 3 +++
|
|
|
6fe37b |
1 file changed, 3 insertions(+)
|
|
|
6fe37b |
|
|
|
6fe37b |
diff --git a/channels/drive/client/drive_main.c b/channels/drive/client/drive_main.c
|
|
|
6fe37b |
index d3776381c..b6cf2ad32 100644
|
|
|
6fe37b |
--- a/channels/drive/client/drive_main.c
|
|
|
6fe37b |
+++ b/channels/drive/client/drive_main.c
|
|
|
6fe37b |
@@ -629,6 +629,9 @@ static UINT drive_process_irp_query_directory(DRIVE_DEVICE* drive, IRP* irp)
|
|
|
6fe37b |
Stream_Read_UINT32(irp->input, PathLength);
|
|
|
6fe37b |
Stream_Seek(irp->input, 23); /* Padding */
|
|
|
6fe37b |
path = (WCHAR*)Stream_Pointer(irp->input);
|
|
|
6fe37b |
+ if (!Stream_CheckAndLogRequiredLength(TAG, irp->input, PathLength))
|
|
|
6fe37b |
+ return ERROR_INVALID_DATA;
|
|
|
6fe37b |
+
|
|
|
6fe37b |
file = drive_get_file_by_id(drive, irp->FileId);
|
|
|
6fe37b |
|
|
|
6fe37b |
if (file == NULL)
|
|
|
6fe37b |
--
|
|
|
6fe37b |
2.37.1
|
|
|
6fe37b |
|