| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Jun 2009 06:04:30 +0100
From: Phillip Lougher <phillip@...gher.demon.co.uk>
To: torvalds@...ux-foundation.org, hpa@...or.com,
akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
alain@...ff.lu
Subject: [PATCH 2/3] bzip2/lzma: Remove nasty uncompressed size hack in pre-boot environment
decompress_bunzip2 and decompress_unlzma have a nasty hack that subtracts
4 from the input length if being called in the pre-boot environment.
This is a nasty hack because it relies on the fact that
flush = NULL only when called from the pre-boot environment
(i.e. arch/x86/boot/compressed/misc.c). initramfs.c/do_mounts_rd.c pass
in a flush buffer (flush != NULL).
This hack prevents the decompressors from being used with flush = NULL by
other callers unless knowledge of the hack is propagated to them.
This patch removes the hack by making decompress (called only from the
pre-boot environment) a wrapper function that subtracts 4 from the input
length before calling the decompressor.
Signed-off-by: Phillip Lougher <phillip@...gher.demon.co.uk>
---
lib/decompress_bunzip2.c | 22 ++++++++++++++++------
lib/decompress_unlzma.c | 21 ++++++++++++++++-----
2 files changed, 32 insertions(+), 11 deletions(-)
diff --git a/lib/decompress_bunzip2.c b/lib/decompress_bunzip2.c
index 708e2a8..d3dc9f2 100644
--- a/lib/decompress_bunzip2.c
+++ b/lib/decompress_bunzip2.c
@@ -45,9 +45,11 @@
*/
-#ifndef STATIC
+#ifdef STATIC
+#define PREBOOT
+#else
#include <linux/decompress/bunzip2.h>
-#endif /* !STATIC */
+#endif /* STATIC */
#include <linux/decompress/mm.h>
#include <linux/slab.h>
@@ -681,9 +683,7 @@ STATIC int INIT bunzip2(unsigned char *buf, int len,
set_error_fn(error_fn);
if (flush)
outbuf = malloc(BZIP2_IOBUF_SIZE);
- else
- len -= 4; /* Uncompressed size hack active in pre-boot
- environment */
+
if (!outbuf) {
error("Could not allocate output bufer");
return -1;
@@ -733,4 +733,14 @@ exit_0:
return i;
}
-#define decompress bunzip2
+#ifdef PREBOOT
+STATIC int INIT decompress(unsigned char *buf, int len,
+ int(*fill)(void*, unsigned int),
+ int(*flush)(void*, unsigned int),
+ unsigned char *outbuf,
+ int *pos,
+ void(*error_fn)(char *x))
+{
+ return bunzip2(buf, len - 4, fill, flush, outbuf, pos, error_fn);
+}
+#endif
diff --git a/lib/decompress_unlzma.c b/lib/decompress_unlzma.c
index 32123a1..d3f9468 100644
--- a/lib/decompress_unlzma.c
+++ b/lib/decompress_unlzma.c
@@ -29,7 +29,9 @@
*Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
-#ifndef STATIC
+#ifdef STATIC
+#define PREBOOT
+#else
#include <linux/decompress/unlzma.h>
#endif /* STATIC */
@@ -543,9 +545,7 @@ STATIC inline int INIT unlzma(unsigned char *buf, int in_len,
int ret = -1;
set_error_fn(error_fn);
- if (!flush)
- in_len -= 4; /* Uncompressed size hack active in pre-boot
- environment */
+
if (buf)
inbuf = buf;
else
@@ -645,4 +645,15 @@ exit_0:
return ret;
}
-#define decompress unlzma
+#ifdef PREBOOT
+STATIC int INIT decompress(unsigned char *buf, int in_len,
+ int(*fill)(void*, unsigned int),
+ int(*flush)(void*, unsigned int),
+ unsigned char *output,
+ int *posp,
+ void(*error_fn)(char *x)
+ )
+{
+ return unlzma(buf, in_len - 4, fill, flush, output, posp, error_fn);
+}
+#endif
--
1.6.1.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists