[PATCH] Fix deep stack usage in ncpfs
From: Petr Vandrovec <vandrove@vc.cvut.cz>

Arjan van de Ven pointed out to me there are no checks on name component lengths in ncpfs, so potentially 4KB regions could be allocated on stack, leading to the user-controlled stack overflow. It was using variable-sized arrays, so this snuck past the static stack-usage checking tools.

As NCP is limited to 255 bytes on components, we can simply limit these local variables to 256 bytes, and after this stack usage looks more acceptable. Length checking occurs inside ncp_vol2io, during iocharset->codepage conversion. As a side effect support for multibyte codepages now works as it should, instead of returning -EINVAL whenever filename in 'codepage' encoding was longer than in 'iocharset'.

Other part fixes typo where atime change updated ctime and not atime field.
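
The pattern the commit message describes, as an added example (not the ncpfs code and not part of the patch): a fixed 256-byte stack buffer, with the length check done inside the conversion routine against the converted size. `convert_name`, `lookup_component`, the toy Latin-1 to UTF-8 expansion and the `-ENAMETOOLONG` return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define NCP_MAXNAMELEN 255 /* 255-byte component limit stated in the commit message */

/* Hypothetical converter (toy Latin-1 -> UTF-8): bytes >= 0x80 expand to two
 * bytes, so the output can be longer than the input. *outlen is the capacity
 * on entry and the number of bytes written on return. */
static int convert_name(unsigned char *out, size_t *outlen,
                        const unsigned char *in, size_t inlen)
{
    size_t room = *outlen, used = 0;
    for (size_t i = 0; i < inlen; i++) {
        size_t need = in[i] >= 0x80 ? 2 : 1;
        if (need > room - used)
            return -ENAMETOOLONG; /* assumed error code; bound is on output size */
        if (need == 2) {
            out[used++] = 0xC0 | (in[i] >> 6);
            out[used++] = 0x80 | (in[i] & 0x3F);
        } else {
            out[used++] = in[i];
        }
    }
    *outlen = used;
    return 0;
}

/* Hypothetical caller: the buffer size is a constant, never derived from len. */
int lookup_component(const unsigned char *name, size_t len, size_t *converted_len)
{
    unsigned char buf[NCP_MAXNAMELEN + 1]; /* 256 bytes regardless of input */
    size_t outlen = NCP_MAXNAMELEN;
    int err = convert_name(buf, &outlen, name, len);
    if (err)
        return err;
    *converted_len = outlen; /* a real caller would now use buf[0..outlen) */
    return 0;
}

int main(void)
{
    unsigned char big[4096]; /* constructed input: 4 KB of 'a' */
    size_t n = 0;
    memset(big, 'a', sizeof big);
    printf("255 bytes: %d\n", lookup_component(big, 255, &n));
    printf("4096 bytes: %d\n", lookup_component(big, sizeof big, &n));
    return 0;
}
```

Because the bound is applied to the converted bytes, an input that grows during conversion is rejected only when the result would not fit, and an over-long input never changes the stack frame size.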