Fix buffer overrun in fatfs_utf16_inode_str_2_utf8 #747
Thanks. But, I'm not sure that is the correct fix. My impression of the main change here is that it is defining the end of the UTF16 buffer based on bytes versus UTF16 characters. So, it's a factor of 2 difference. The API docs on that method are not specific about what the metrics of a_src_len are (bytes or characters) and a quick grep of the code shows that we seem to be using it differently. I think that a_src_len should be number of characters in a_src (not number of bytes). In which case, the code in fatfs_utf16_inode_str_2_utf8() is correct, but some of the callers are passing in the wrong value. For example, in extfats_meta.c on line 1251, we pass in sizeof(utf16_name), which is the number of bytes in the char buffer. Did valgrind report the stack trace of who called it?
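The bytes-versus-code-units mismatch described in the comment above, as an added example that is not part of the thread or of the project's code: `utf16_to_utf8`, `RAW`, `NAME_UNITS` and `NAME_BYTES` are hypothetical names and the sample buffer is constructed. Passing a byte count where a code-unit count is expected makes the converter read twice as far as the name field.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical converter (not TSK's): src_units counts UTF-16 code units, not
 * bytes. Returns bytes written (dst is NUL-terminated), or -1 on error. */
static int utf16_to_utf8(const uint16_t *src, size_t src_units,
                         char *dst, size_t dst_len)
{
    static const unsigned char lead[] = {0, 0, 0xC0, 0xE0, 0xF0};
    size_t o = 0;
    if (dst_len == 0) return -1;
    for (size_t i = 0; i < src_units && src[i] != 0; i++) {
        uint32_t cp = src[i];
        if (cp >= 0xD800 && cp <= 0xDBFF) {          /* high surrogate */
            if (i + 1 >= src_units || src[i + 1] < 0xDC00 || src[i + 1] > 0xDFFF)
                return -1;
            cp = 0x10000 + ((cp - 0xD800) << 10) + (src[++i] - 0xDC00);
        } else if (cp >= 0xDC00 && cp <= 0xDFFF) return -1;  /* unpaired low */
        size_t n = cp < 0x80 ? 1 : cp < 0x800 ? 2 : cp < 0x10000 ? 3 : 4;
        if (o + n + 1 > dst_len) return -1;          /* keep room for the NUL */
        if (n == 1) { dst[o++] = (char)cp; continue; }
        dst[o++] = (char)(lead[n] | (cp >> (6 * (n - 1))));
        for (size_t k = n - 1; k-- > 0;)
            dst[o++] = (char)(0x80 | ((cp >> (6 * k)) & 0x3F));
    }
    dst[o] = '\0';
    return (int)o;
}

/* Constructed sample: an 8-unit name field followed by 8 units of other data,
 * kept in one array so the over-read below stays inside the object. */
enum { NAME_UNITS = 8 };
#define NAME_BYTES (NAME_UNITS * sizeof(uint16_t))  /* what sizeof(field) gives */
static const uint16_t RAW[16] = { 'R','E','P','O','R','T','0','1',
                                  'o','t','h','e','r','d','a','t' };

/* Same buffer, length given in code units (intended) vs. in bytes (mix-up). */
static int name_by_units(char *o, size_t n) { return utf16_to_utf8(RAW, NAME_UNITS, o, n); }
static int name_by_bytes(char *o, size_t n) { return utf16_to_utf8(RAW, NAME_BYTES, o, n); }

int main(void)
{
    char out[64];
    printf("%d ", name_by_units(out, sizeof out)); puts(out);
    printf("%d ", name_by_bytes(out, sizeof out)); puts(out);
    return 0;
}
```

In a real caller the data after the name field is whatever follows it in memory, which is the kind of out-of-bounds read a tool like valgrind flags.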
I believe you are correct. That's a problem, because Do you know if exFAT/FAT actually only supports UCS-2? Or if the "number of UTF-16 characters" field is actually a "half the number of bytes" field? That would allow for trivial conversions. I would prefer to modify the other callers to pass the length in bytes, but that could be harder than it sounds. What are your thoughts? I tried to omit my application code from the trace, but was a little overzealous:
I'm closing this PR as it appears this issue isn't as simple as I thought it was.
I noticed valgrind reporting errors on an exFAT image:
This fixes those errors.