[PATCH 25/26] libblkid: ntfs: avoid UB in signed shift

author Thomas Weißschuh <thomas@t-8ch.de>

Thu, 10 Nov 2022 17:35:00 +0000 (18:35 +0100)

committer Chris Hofstaedtler <zeha@debian.org>

Sat, 19 Nov 2022 15:48:44 +0000 (15:48 +0000)
author Thomas Weißschuh <thomas@t-8ch.de>
Thu, 10 Nov 2022 17:35:00 +0000 (18:35 +0100)
committer Chris Hofstaedtler <zeha@debian.org>
Sat, 19 Nov 2022 15:48:44 +0000 (15:48 +0000)
diff --git a/libblkid/src/superblocks/ntfs.c b/libblkid/src/superblocks/ntfs.c

index dced69941e07e85a4cb3e813adb6cf5cc7d0be92..217e7e8be2bdc599b8fe13d7022d3db5fa432523 100644 (file)
--- a/libblkid/src/superblocks/ntfs.c
+++ b/libblkid/src/superblocks/ntfs.c
@@ -135,11 +135,15 @@ static int __probe_ntfs(blkid_probe pr, const struct blkid_idmag *mag, int save_
                 }
         }
  
-       if (ns->clusters_per_mft_record > 0)
+       if (ns->clusters_per_mft_record > 0) {
                 mft_record_size = ns->clusters_per_mft_record *
                                   sectors_per_cluster * sector_size;
-       else
-               mft_record_size = 1 << (0 - ns->clusters_per_mft_record);
+       } else {
+               int8_t mft_record_size_shift = 0 - ns->clusters_per_mft_record;
+               if (mft_record_size_shift < 0 || mft_record_size_shift >= 31)
+                       return 1;
+               mft_record_size = 1 << mft_record_size_shift;
+       }
  
         nr_clusters = le64_to_cpu(ns->number_of_sectors) / sectors_per_cluster;
author	Thomas Weißschuh <thomas@t-8ch.de>
	Thu, 10 Nov 2022 17:35:00 +0000 (18:35 +0100)
committer	Chris Hofstaedtler <zeha@debian.org>
	Sat, 19 Nov 2022 15:48:44 +0000 (15:48 +0000)