From nobody Sun Feb 8 15:18:39 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+98325+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98325+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1673481568; cv=none; d=zohomail.com; s=zohoarc; b=mDbxKbR2yBv09zoZl8slKvORVKhbVpte6TN80LR1eOSDLsRA8MP6RMapQXCSHSFjFzKRITiOT2k2h5u7Uh4LSFi2Q/Ch8f/3kRRgy3OEIAosV5RwSaQFiQXVgsHqC8Zr8HVDWWq0DwJzHtqtCrx8JVEaO8Lt9jJjjKdcFZfsVCo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1673481568; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=wL9arXDJsfDK7HWr/yy31C1BwHN6JCiSWT/TEAHkWD8=; b=XEl8Dgd7pQVRoWlTBsloCyE+V/e9/KhwzkV1jkHS97bSayk1JkCIP9o/fpeZQTTlIdBIIA9hIYL5cryZ80W/rrjtx/0o1jMiZy9sSoKxEXX4p9A8jbct5IQtKGbbKfJ5oUu7ZHI68lJ/KcJQbP/doBkUzeep/zldZSOSFt3wwVs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98325+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1673481568407212.66542688986112; Wed, 11 Jan 2023 15:59:28 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id XuC8YY1788612xFGFBrZ829F; Wed, 11 Jan 2023 15:59:28 -0800 X-Received: from mail-wm1-f45.google.com (mail-wm1-f45.google.com [209.85.128.45]) by mx.groups.io with SMTP id smtpd.web11.41660.1673481564433418667 for ; Wed, 11 Jan 2023 15:59:27 -0800 X-Received: by mail-wm1-f45.google.com with SMTP id ay12-20020a05600c1e0c00b003d9ea12bafcso10073819wmb.3 for ; Wed, 11 Jan 2023 15:59:27 -0800 (PST) X-Gm-Message-State: 5LNuDOJlBkquwgTywyTC0ZCax1787277AA= X-Google-Smtp-Source: AMrXdXtYVpQLKyCGcI3hPY1KdQU4ooeURUtPaYrhYq1iYq0ULBUWLETCoZYk9QNFHPSL+zwBsphqKg== X-Received: by 2002:a05:600c:3d05:b0:3d3:5c21:dd94 with SMTP id bh5-20020a05600c3d0500b003d35c21dd94mr55666910wmb.9.1673481566475; Wed, 11 Jan 2023 15:59:26 -0800 (PST) X-Received: from PC-PEDRO-ARCH.lan ([2001:8a0:7280:5801:9441:3dce:686c:bfc7]) by smtp.gmail.com with ESMTPSA id p21-20020a7bcc95000000b003c65c9a36dfsm19276102wma.48.2023.01.11.15.59.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Jan 2023 15:59:26 -0800 (PST) From: "Pedro Falcato" To: devel@edk2.groups.io Cc: Pedro Falcato , Savva Mitrofanov , =?UTF-8?q?Marvin=20H=C3=A4user?= Subject: [edk2-devel] [PATCH 1/3] Ext4Pkg: Fix out-of-bounds read in Ext4ReadDir Date: Wed, 11 Jan 2023 23:59:17 +0000 Message-Id: <20230111235920.252317-3-pedro.falcato@gmail.com> In-Reply-To: <20230111235920.252317-1-pedro.falcato@gmail.com> References: <20230111235920.252317-1-pedro.falcato@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,pedro.falcato@gmail.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1673481568; bh=4+bnFqOPek8sA5mon8wlcBcxxjo74Kn7T7y3yQPJUvU=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=mVAduO+S80hDKTqfe0pODDm4b5S0s6JN9k2O/jWNOuEJqfm33kBDyH2yqeOHw9sFKJk f17MRIvyzAzyvbqcWAYe6qeeESwGng8dGtO5OzTnj3IfKnbeB7AaLcKF/AoY0uGsn4Inm x/U2/DmKQTXx1jRlntgCYAggmAnFUPVQOpk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1673481569809100002 Fix an out-of-bounds read inside CompareMem() when checking for "." or ".." by explicitly bounding name_len to [0, 2] beforehand. Reported-by: Savva Mitrofanov Fixes: 45e37d8533ca8 ("Ext4Pkg: Hide "." and ".." entries from Read() calle= rs.") Cc: Marvin H=C3=A4user Signed-off-by: Pedro Falcato Reviewed-by: Marvin H=C3=A4user > --- Features/Ext4Pkg/Ext4Dxe/Directory.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Dxe/Directory.c b/Features/Ext4Pkg/Ext4Dx= e/Directory.c index 4441e6d192b6..6ed664fc632f 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Directory.c +++ b/Features/Ext4Pkg/Ext4Dxe/Directory.c @@ -491,12 +491,14 @@ Ext4ReadDir ( // or a checksum at the end of the directory block. // memcmp (and CompareMem) return 0 when the passed length is 0. =20 - IsDotOrDotDot =3D Entry.name_len !=3D 0 && - (CompareMem (Entry.name, ".", Entry.name_len) =3D=3D 0= || - CompareMem (Entry.name, "..", Entry.name_len) =3D=3D = 0); + // We must bound name_len as > 0 and <=3D 2 to avoid any out-of-bounds= accesses or bad detection of + // "." and "..". + IsDotOrDotDot =3D Entry.name_len > 0 && Entry.name_len <=3D 2 && + CompareMem (Entry.name, "..", Entry.name_len) =3D=3D 0; =20 - // When inode =3D 0, it's unused. - ShouldSkip =3D Entry.inode =3D=3D 0 || IsDotOrDotDot; + // When inode =3D 0, it's unused. When name_len =3D=3D 0, it's a namel= ess entry + // (which we should not expose to ReadDir). + ShouldSkip =3D Entry.inode =3D=3D 0 || Entry.name_len =3D=3D 0 || IsDo= tOrDotDot; =20 if (ShouldSkip) { Offset +=3D Entry.rec_len; --=20 2.39.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#98325): https://edk2.groups.io/g/devel/message/98325 Mute This Topic: https://groups.io/mt/96212631/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun Feb 8 15:18:39 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+98324+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98324+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1673481568; cv=none; d=zohomail.com; s=zohoarc; b=kBcyN7l1ws/JmRNI6Pkdcc3Jd14l9ZY7JpVqAVmAJ8pkdw0mCQSpHn6A/CC6EtI0puobnW9T9JTl2UmaVIHCGACRFXqSlvUsjmaz6CoEq2URagY6CL1oZkhUq3pj2fjwJ8+ipm4VkqSYkb8IKJEOfN+OlExpKFw/VzulnTwzEKQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1673481568; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=lx5RYw0o5Np2GEoYIGAo62Pj0zJc0cjKPWIwgaeKghM=; b=W4fITjY9vDcfAno/beq88tEZci7mXk3vW0WYvJ/Kaqvbzokd19k41TT0OvDldooOfPwB+Dszi7h1+v7kog167PacS0nYfCQ7872b9x9u7gkwriob0L27S0GGKo+C5I1wQ2UfFBRH1lF7X463xHZkns6JFwxv9r/GFnTAN/MI02k= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98324+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1673481568801882.6616084541273; Wed, 11 Jan 2023 15:59:28 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id sA04YY1788612xJ1MJxqwJ9Y; Wed, 11 Jan 2023 15:59:28 -0800 X-Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com [209.85.128.41]) by mx.groups.io with SMTP id smtpd.web10.41548.1673481567266644865 for ; Wed, 11 Jan 2023 15:59:27 -0800 X-Received: by mail-wm1-f41.google.com with SMTP id k22-20020a05600c1c9600b003d1ee3a6289so13860414wms.2 for ; Wed, 11 Jan 2023 15:59:27 -0800 (PST) X-Gm-Message-State: ggzcQe0hnh2zo6eIHd05zQ7nx1787277AA= X-Google-Smtp-Source: AMrXdXs8Eqg4tdXLhp8KSkukiGzpYgZkLMP8EaHCqZuwjfr+PeZcq2/qKuhmSFl6PGafWgFk2Xq2gQ== X-Received: by 2002:a05:600c:3550:b0:3d9:ed30:6a73 with SMTP id i16-20020a05600c355000b003d9ed306a73mr10812387wmq.9.1673481565489; Wed, 11 Jan 2023 15:59:25 -0800 (PST) X-Received: from PC-PEDRO-ARCH.lan ([2001:8a0:7280:5801:9441:3dce:686c:bfc7]) by smtp.gmail.com with ESMTPSA id p21-20020a7bcc95000000b003c65c9a36dfsm19276102wma.48.2023.01.11.15.59.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Jan 2023 15:59:25 -0800 (PST) From: "Pedro Falcato" To: devel@edk2.groups.io Cc: Pedro Falcato , =?UTF-8?q?Marvin=20H=C3=A4user?= Subject: [edk2-devel] [PATCH 1/2] Ext4Pkg: Add documentation surrounding ext4 directory entries Date: Wed, 11 Jan 2023 23:59:16 +0000 Message-Id: <20230111235920.252317-2-pedro.falcato@gmail.com> In-Reply-To: <20230111235920.252317-1-pedro.falcato@gmail.com> References: <20230111235920.252317-1-pedro.falcato@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,pedro.falcato@gmail.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1673481568; bh=F9Nc76OrxC2Lod3zTJjJIkYc6S9ZS9YxB9NgZwNB63I=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=FDzLfKx0Ik0pbw2lJiccv50OEi4n08U2Gz0igj+sFzxiiDlUf/lU11j8bGRe9Toz8Q3 4gmO5M+NVWlHZe3Vld4GK7yEW1yWUlZqrAytJYArjR+qyNXNgpLPyD6bOafT3JydtRsGh 1KdvT1SlMz7xj7+RgxlOaRzJdoqeTGooYSY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1673481569815100004 Several questions have popped up regarding the ext4 directory entry layout and contents off-list. Attempt to clarify these issues by adding some explanatory comments. Signed-off-by: Pedro Falcato Cc: Marvin H=C3=A4user --- Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h | 21 +++++++++++++++++++-- Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h | 5 ++--- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h b/Features/Ext4Pkg/Ext4Dxe= /Ext4Disk.h index 4fd91a423324..d0a455d0e572 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h +++ b/Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h @@ -1,7 +1,7 @@ /** @file Raw filesystem data structures =20 - Copyright (c) 2021 Pedro Falcato All rights reserved. + Copyright (c) 2021 - 2023 Pedro Falcato All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent =20 Layout of an EXT2/3/4 filesystem: @@ -397,12 +397,29 @@ typedef struct _Ext4Inode { UINT32 i_projid; } EXT4_INODE; =20 +#define EXT4_NAME_MAX 255 + typedef struct { + // offset 0x0: inode number (if 0, unused entry, should skip.) UINT32 inode; + // offset 0x4: Directory entry's length. + // Note: rec_len >=3D name_len + EXT4_MIN_DIR_ENTRY_LEN and = rec_len % 4 =3D=3D 0. UINT16 rec_len; + // offset 0x6: Directory entry's name's length UINT8 name_len; + // offset 0x7: Directory entry's file type indicator UINT8 file_type; - CHAR8 name[255]; + // offset 0x8: name[name_len]: Variable length character array; not null= -terminated. + CHAR8 name[EXT4_NAME_MAX]; + // Further notes on names: + // 1) We use EXT4_NAME_MAX here instead of flexible arrays for ease of u= se around the driver. + // + // 2) ext4 directories are defined, as the documentation puts it, as: + // "a directory is more or less a flat file that maps an arbitrary byte = string + // (usually ASCII) to an inode number on the filesystem". So, they are n= ot + // necessarily encoded with ASCII, UTF-8, or any of the sort. We must tr= eat it + // as a bag of bytes. When interacting with EFI interfaces themselves (w= hich expect UCS-2) + // we skip any directory entry that is not valid UTF-8. } EXT4_DIR_ENTRY; =20 #define EXT4_MIN_DIR_ENTRY_LEN 8 diff --git a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h b/Features/Ext4Pkg/Ext4Dxe/= Ext4Dxe.h index adf3c13f6ea9..466e49523030 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h +++ b/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h @@ -1,7 +1,7 @@ /** @file Common header for the driver =20 - Copyright (c) 2021 - 2022 Pedro Falcato All rights reserved. + Copyright (c) 2021 - 2023 Pedro Falcato All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent **/ =20 @@ -31,8 +31,7 @@ =20 #include "Ext4Disk.h" =20 -#define SYMLOOP_MAX 8 -#define EXT4_NAME_MAX 255 +#define SYMLOOP_MAX 8 // // We need to specify path length limit for security purposes, to prevent = possible // overflows and dead-loop conditions. Originally this limit is absent in = FS design, --=20 2.39.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#98324): https://edk2.groups.io/g/devel/message/98324 Mute This Topic: https://groups.io/mt/96212630/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun Feb 8 15:18:39 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+98327+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98327+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1673481571; cv=none; d=zohomail.com; s=zohoarc; b=WJH3vcYArcvlQLhRvk7ue8sYtBJ4vQZcnFUBXFuI2fxPptSA5wUKByblIjMZmD6OJ/Ym5Jgf9pd1r3yuDXD9/ynO1puanuqrojtHTbxSCRnAJbcz3FEwW2TQ1KTUbZSshYlg+hTdIWD5wc0aozcqe+M45nWM9g7op/XP4GloTck= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1673481571; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=1oJMR89+fpv9q7uj9D2mG4d1Rl8p4ZMPrOhrVNpXduc=; b=RQS3DSIqpItX2YD9jIgIgzlZvXRLG0JV4B+88wWHjkqiYvolQKJ6cczFddMTn6ohYIk1w+US44c4HMgV7FMsuDQTOgrcG/Jqz6g7glpWRml70Nsuw1EIe05dzsOmziFU/ugf+kkEpqTmKAXHvzSNOpk/kfQD1QA30ZPXgo8AZ2E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98327+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1673481571499396.12481413886405; Wed, 11 Jan 2023 15:59:31 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ahrWYY1788612xAlryWlzy1L; Wed, 11 Jan 2023 15:59:31 -0800 X-Received: from mail-wm1-f47.google.com (mail-wm1-f47.google.com [209.85.128.47]) by mx.groups.io with SMTP id smtpd.web10.41551.1673481570329476359 for ; Wed, 11 Jan 2023 15:59:30 -0800 X-Received: by mail-wm1-f47.google.com with SMTP id m3so12151677wmq.0 for ; Wed, 11 Jan 2023 15:59:30 -0800 (PST) X-Gm-Message-State: mh3Lmpw2tdiTFGmZLTLtDvApx1787277AA= X-Google-Smtp-Source: AMrXdXvFu+jRPJB3rsYjZdzb8KQopMgrD+mHAVmQXIjCyD6JV3xE7vVsUhkxbI5dKmMC5rEpfOG7yA== X-Received: by 2002:a05:600c:3c88:b0:3d9:69fd:7707 with SMTP id bg8-20020a05600c3c8800b003d969fd7707mr51424103wmb.2.1673481568562; Wed, 11 Jan 2023 15:59:28 -0800 (PST) X-Received: from PC-PEDRO-ARCH.lan ([2001:8a0:7280:5801:9441:3dce:686c:bfc7]) by smtp.gmail.com with ESMTPSA id p21-20020a7bcc95000000b003c65c9a36dfsm19276102wma.48.2023.01.11.15.59.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Jan 2023 15:59:28 -0800 (PST) From: "Pedro Falcato" To: devel@edk2.groups.io Cc: Pedro Falcato , =?UTF-8?q?Marvin=20H=C3=A4user?= Subject: [edk2-devel] [PATCH 2/2] Ext4Pkg: Fix and clarify handling regarding non-utf8 dir entries Date: Wed, 11 Jan 2023 23:59:19 +0000 Message-Id: <20230111235920.252317-5-pedro.falcato@gmail.com> In-Reply-To: <20230111235920.252317-1-pedro.falcato@gmail.com> References: <20230111235920.252317-1-pedro.falcato@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,pedro.falcato@gmail.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1673481571; bh=2qRb49nDolIkT/0v18rCYn1nk3Jda2bksME2h5WpTfk=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=U0MBhBbiRUXiHcDDscDM1S5YjghH+15OOSkBnToEkVaf52JuomZ2vqy+FSEahMmeXst lcq/9fa2BS2t+NSd4mav5MqgTVyxOaCo8vhOA+WVVaikb/umQ5nmZu3Ob5kNIzvnm+Us+ vNi+ZzPW0s7whcpZ/AciCXOODwblHYncCgE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1673481571811100010 Previously, the handling was mixed and/or non-existent regarding non utf-8 dirent names. Clarify it. Signed-off-by: Pedro Falcato Cc: Marvin H=C3=A4user --- Features/Ext4Pkg/Ext4Dxe/Directory.c | 37 ++++++++++++++++++++++------ Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h | 8 +++--- 2 files changed, 34 insertions(+), 11 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Dxe/Directory.c b/Features/Ext4Pkg/Ext4Dx= e/Directory.c index 6ed664fc632f..ba781bad968c 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Directory.c +++ b/Features/Ext4Pkg/Ext4Dxe/Directory.c @@ -1,7 +1,7 @@ /** @file Directory related routines =20 - Copyright (c) 2021 Pedro Falcato All rights reserved. + Copyright (c) 2021 - 2023 Pedro Falcato All rights reserved. =20 SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -16,8 +16,9 @@ @param[in] Entry Pointer to a EXT4_DIR_ENTRY. @param[out] Ucs2FileName Pointer to an array of CHAR16's, of siz= e EXT4_NAME_MAX + 1. =20 - @retval EFI_SUCCESS The filename was succesfully retrieved and conver= ted to UCS2. - @retval !EFI_SUCCESS Failure. + @retval EFI_SUCCESS The filename was succesfully retrieved= and converted to UCS2. + @retval EFI_INVALID_PARAMETER The filename is not valid UTF-8. + @retval !EFI_SUCCESS Failure. **/ EFI_STATUS Ext4GetUcs2DirentName ( @@ -174,10 +175,16 @@ Ext4RetrieveDirent ( * need to form valid ASCII/UTF-8 sequences. */ if (EFI_ERROR (Status)) { - // If we error out, skip this entry - // I'm not sure if this is correct behaviour, but I don't think th= ere's a precedent here. - BlockOffset +=3D Entry->rec_len; - continue; + if (Status =3D=3D EFI_INVALID_PARAMETER) { + // If we error out due to a bad UTF-8 sequence (see Ext4GetUcs2D= irentName), skip this entry. + // I'm not sure if this is correct behaviour, but I don't think = there's a precedent here. + BlockOffset +=3D Entry->rec_len; + continue; + } + + // Other sorts of errors should just error out. + FreePool (Buf); + return Status; } =20 if ((Entry->name_len =3D=3D StrLen (Name)) && @@ -436,6 +443,7 @@ Ext4ReadDir ( EXT4_FILE *TempFile; BOOLEAN ShouldSkip; BOOLEAN IsDotOrDotDot; + CHAR16 DirentUcs2Name[EXT4_NAME_MAX + 1]; =20 DirIno =3D File->Inode; Status =3D EFI_SUCCESS; @@ -505,6 +513,21 @@ Ext4ReadDir ( continue; } =20 + // Test if the dirent is valid utf-8. This is already done inside Ext4= OpenDirent but EFI_INVALID_PARAMETER + // has the danger of its meaning being overloaded in many places, so w= e can't skip according to that. + // So test outside of it, explicitly. + Status =3D Ext4GetUcs2DirentName (&Entry, DirentUcs2Name); + + if (EFI_ERROR (Status)) { + if (Status =3D=3D EFI_INVALID_PARAMETER) { + // Bad UTF-8, skip. + Offset +=3D Entry.rec_len; + continue; + } + + goto Out; + } + Status =3D Ext4OpenDirent (Partition, EFI_FILE_MODE_READ, &TempFile, &= Entry, File); =20 if (EFI_ERROR (Status)) { diff --git a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h b/Features/Ext4Pkg/Ext4Dxe/= Ext4Dxe.h index 466e49523030..41779dad855f 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h +++ b/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h @@ -944,11 +944,11 @@ Ext4StrCmpInsensitive ( Retrieves the filename of the directory entry and converts it to UTF-16= /UCS-2 =20 @param[in] Entry Pointer to a EXT4_DIR_ENTRY. - @param[out] Ucs2FileName Pointer to an array of CHAR16's, of size -EXT4_NAME_MAX + 1. + @param[out] Ucs2FileName Pointer to an array of CHAR16's, of siz= e EXT4_NAME_MAX + 1. =20 - @retval EFI_SUCCESS Unicode collation was successfully initialised. - @retval !EFI_SUCCESS Failure. + @retval EFI_SUCCESS The filename was succesfully retrieved= and converted to UCS2. + @retval EFI_INVALID_PARAMETER The filename is not valid UTF-8. + @retval !EFI_SUCCESS Failure. **/ EFI_STATUS Ext4GetUcs2DirentName ( --=20 2.39.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#98327): https://edk2.groups.io/g/devel/message/98327 Mute This Topic: https://groups.io/mt/96212634/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun Feb 8 15:18:39 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+98326+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98326+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1673481570; cv=none; d=zohomail.com; s=zohoarc; b=Rfmv2/nnZEVPSpmYjBOk51iGf1Kif7BiQCALt0Zd5HlAvaUXQTAMf5wDMi9P5VSu2Th7aDKfCoEKWjoM59mSN9Ll5THIUwIPugE/CaOiKnQpIEI12Jwum9AccvOdll31n1eG8eL6ZOkZ5E2/qghf+Ztrr5DE2ed82ZPHGYGXxQA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1673481570; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=qvnLAX/WyoBJnHZ48mgXWhH7zfycHU/RrSIKlo9/HsM=; b=MoAiH3SqFd1KEjDeG5oal8WdiJmeOUifdUo+KFAXaQJXhn2GI1cx9HFNrJFh7dNTAoxfZJ8Fj51PhvgsE42KEgG53vIW1Ki75vB2jllfM1m7QswoGm88S/A5BA5i+WMuxJ3EfXU9spDuLX0NKQNg2h+edKPyztJ6qv+LEYHV3X4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98326+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1673481570332575.127019626558; Wed, 11 Jan 2023 15:59:30 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id EjI4YY1788612xE32KOBrixC; Wed, 11 Jan 2023 15:59:30 -0800 X-Received: from mail-wm1-f51.google.com (mail-wm1-f51.google.com [209.85.128.51]) by mx.groups.io with SMTP id smtpd.web11.41667.1673481569361860548 for ; Wed, 11 Jan 2023 15:59:29 -0800 X-Received: by mail-wm1-f51.google.com with SMTP id g19-20020a05600c4ed300b003d9eb1dbc0aso10893886wmq.3 for ; Wed, 11 Jan 2023 15:59:29 -0800 (PST) X-Gm-Message-State: UTKbBmTLbTtms46xJw7OFfWRx1787277AA= X-Google-Smtp-Source: AMrXdXtY8+rhhpHHJk6Sr74OdSQK2Aabdea2qpyfmfgJ3bvKsCFo3R4PRFpxVbiA98CBDn23TRU2+Q== X-Received: by 2002:a05:600c:3ca2:b0:3d9:da3a:ef9b with SMTP id bg34-20020a05600c3ca200b003d9da3aef9bmr16376934wmb.31.1673481567506; Wed, 11 Jan 2023 15:59:27 -0800 (PST) X-Received: from PC-PEDRO-ARCH.lan ([2001:8a0:7280:5801:9441:3dce:686c:bfc7]) by smtp.gmail.com with ESMTPSA id p21-20020a7bcc95000000b003c65c9a36dfsm19276102wma.48.2023.01.11.15.59.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Jan 2023 15:59:27 -0800 (PST) From: "Pedro Falcato" To: devel@edk2.groups.io Cc: Pedro Falcato , =?UTF-8?q?Marvin=20H=C3=A4user?= Subject: [edk2-devel] [PATCH 2/3] Ext4Pkg: Add documentation surrounding ext4 directory entries Date: Wed, 11 Jan 2023 23:59:18 +0000 Message-Id: <20230111235920.252317-4-pedro.falcato@gmail.com> In-Reply-To: <20230111235920.252317-1-pedro.falcato@gmail.com> References: <20230111235920.252317-1-pedro.falcato@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,pedro.falcato@gmail.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1673481570; bh=KBplvUT6ibL/cGu7jeKJj1zF+6lo8kBWImB8iDRQiI8=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=ASsF+mwL1w98zDm6T81OkBIwQINUNn67Q4Atmc12Fhe13uwEAYlS6xlLKnFUItpo5we T77GlfseM9Kx0qc+7KENXE7HvXl2uoeS6gPFTlLJUWEAs2Dlt8zYZNMpNsTBJw21gms9b Ejs8m9vZ7v5mhUgAoEHn4pxOpPKkF0wFwtU= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1673481571811100011 Several questions have popped up regarding the ext4 directory entry layout and contents off-list. Attempt to clarify these issues by adding some explanatory comments. Signed-off-by: Pedro Falcato Cc: Marvin H=C3=A4user Reviewed-by: Marvin H=C3=A4user > --- Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h | 21 +++++++++++++++++++-- Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h | 5 ++--- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h b/Features/Ext4Pkg/Ext4Dxe= /Ext4Disk.h index 4fd91a423324..d0a455d0e572 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h +++ b/Features/Ext4Pkg/Ext4Dxe/Ext4Disk.h @@ -1,7 +1,7 @@ /** @file Raw filesystem data structures =20 - Copyright (c) 2021 Pedro Falcato All rights reserved. + Copyright (c) 2021 - 2023 Pedro Falcato All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent =20 Layout of an EXT2/3/4 filesystem: @@ -397,12 +397,29 @@ typedef struct _Ext4Inode { UINT32 i_projid; } EXT4_INODE; =20 +#define EXT4_NAME_MAX 255 + typedef struct { + // offset 0x0: inode number (if 0, unused entry, should skip.) UINT32 inode; + // offset 0x4: Directory entry's length. + // Note: rec_len >=3D name_len + EXT4_MIN_DIR_ENTRY_LEN and = rec_len % 4 =3D=3D 0. UINT16 rec_len; + // offset 0x6: Directory entry's name's length UINT8 name_len; + // offset 0x7: Directory entry's file type indicator UINT8 file_type; - CHAR8 name[255]; + // offset 0x8: name[name_len]: Variable length character array; not null= -terminated. + CHAR8 name[EXT4_NAME_MAX]; + // Further notes on names: + // 1) We use EXT4_NAME_MAX here instead of flexible arrays for ease of u= se around the driver. + // + // 2) ext4 directories are defined, as the documentation puts it, as: + // "a directory is more or less a flat file that maps an arbitrary byte = string + // (usually ASCII) to an inode number on the filesystem". So, they are n= ot + // necessarily encoded with ASCII, UTF-8, or any of the sort. We must tr= eat it + // as a bag of bytes. When interacting with EFI interfaces themselves (w= hich expect UCS-2) + // we skip any directory entry that is not valid UTF-8. } EXT4_DIR_ENTRY; =20 #define EXT4_MIN_DIR_ENTRY_LEN 8 diff --git a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h b/Features/Ext4Pkg/Ext4Dxe/= Ext4Dxe.h index adf3c13f6ea9..466e49523030 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h +++ b/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h @@ -1,7 +1,7 @@ /** @file Common header for the driver =20 - Copyright (c) 2021 - 2022 Pedro Falcato All rights reserved. + Copyright (c) 2021 - 2023 Pedro Falcato All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent **/ =20 @@ -31,8 +31,7 @@ =20 #include "Ext4Disk.h" =20 -#define SYMLOOP_MAX 8 -#define EXT4_NAME_MAX 255 +#define SYMLOOP_MAX 8 // // We need to specify path length limit for security purposes, to prevent = possible // overflows and dead-loop conditions. Originally this limit is absent in = FS design, --=20 2.39.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#98326): https://edk2.groups.io/g/devel/message/98326 Mute This Topic: https://groups.io/mt/96212633/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun Feb 8 15:18:39 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+98328+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98328+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1673481572; cv=none; d=zohomail.com; s=zohoarc; b=O+2BSLfSazHbgBg4Biy9M+39WUTzct8fZFwgPDWQPBiXh1YOYe7O9PDwHLW1siyucC7UyzE0/bs+GHEzA1rzzpW6ADb2ueCB4dPpKaLd8fy5eM721WJq23eYZMzGvMD7jB1Rnk7Rl4tjgVV0EAzX6MwqPQjE2UEpRiM+1p0P1FQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1673481572; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=GXNer7QT3LsldQUDp4I9e1JxojbyMOf7TKNXfdW5oE4=; b=FZhaE6oYwklQ4J2Ao+6aUt6FwWnIHH8l8nkNH/oU+pYsJ02Of+zm68znzg0vKRAtK4Fn1KxxtvOeqheW0ZBKBk/zDz0j45QFQSBpedz4162Lt/7Qe0dWXnIOT1po6rvLSLpBR3wXcxJXdJNREqUeGhmw6Qff7nPN3Uv+vlPqtag= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+98328+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1673481572454527.0515569899222; Wed, 11 Jan 2023 15:59:32 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id PPULYY1788612xS9O4qYmZHR; Wed, 11 Jan 2023 15:59:32 -0800 X-Received: from mail-wm1-f50.google.com (mail-wm1-f50.google.com [209.85.128.50]) by mx.groups.io with SMTP id smtpd.web11.41668.1673481571331080452 for ; Wed, 11 Jan 2023 15:59:31 -0800 X-Received: by mail-wm1-f50.google.com with SMTP id bi26-20020a05600c3d9a00b003d3404a89faso3143095wmb.1 for ; Wed, 11 Jan 2023 15:59:31 -0800 (PST) X-Gm-Message-State: oiAZ4xM93AgYPuA1uIkXMfYRx1787277AA= X-Google-Smtp-Source: AMrXdXttYMDLx4zKgGUwLKW/y50H6rLtGjZW8AYTNLPbzex3ai8v4uvtghGZyBBVjt93IkJOjar5Vg== X-Received: by 2002:a05:600c:1603:b0:3d1:c895:930c with SMTP id m3-20020a05600c160300b003d1c895930cmr53334796wmn.35.1673481569558; Wed, 11 Jan 2023 15:59:29 -0800 (PST) X-Received: from PC-PEDRO-ARCH.lan ([2001:8a0:7280:5801:9441:3dce:686c:bfc7]) by smtp.gmail.com with ESMTPSA id p21-20020a7bcc95000000b003c65c9a36dfsm19276102wma.48.2023.01.11.15.59.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Jan 2023 15:59:29 -0800 (PST) From: "Pedro Falcato" To: devel@edk2.groups.io Cc: Pedro Falcato , =?UTF-8?q?Marvin=20H=C3=A4user?= Subject: [edk2-devel] [PATCH 3/3] Ext4Pkg: Fix and clarify handling regarding non-utf8 dir entries Date: Wed, 11 Jan 2023 23:59:20 +0000 Message-Id: <20230111235920.252317-6-pedro.falcato@gmail.com> In-Reply-To: <20230111235920.252317-1-pedro.falcato@gmail.com> References: <20230111235920.252317-1-pedro.falcato@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,pedro.falcato@gmail.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1673481572; bh=eqNihP2l9IDlpSn30TKR9e3tIyAx/F+b+ah4ttsfC6E=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=qT94CHYvma3HSFM8sa3qof/UtMLo7X6Hm3g9H5VoS/P5ggkF4wIxlwp7H9JFRFeieE3 1IAxAngn1vOg9gKXh7B4qpchYbSuGmIvjlcNO8PqtQeYuad8HDUTAMnmzca2o9ErlVn28 qzgGvDbHaMWoPpsU/BjLK7FJFQK3YOgDNzs= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1673481573810100015 Previously, the handling was mixed and/or non-existent regarding non utf-8 dirent names. Clarify it. Signed-off-by: Pedro Falcato Cc: Marvin H=C3=A4user Reviewed-by: Marvin H=C3=A4user > --- Features/Ext4Pkg/Ext4Dxe/Directory.c | 37 ++++++++++++++++++++++------ Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h | 8 +++--- 2 files changed, 34 insertions(+), 11 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Dxe/Directory.c b/Features/Ext4Pkg/Ext4Dx= e/Directory.c index 6ed664fc632f..ba781bad968c 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Directory.c +++ b/Features/Ext4Pkg/Ext4Dxe/Directory.c @@ -1,7 +1,7 @@ /** @file Directory related routines =20 - Copyright (c) 2021 Pedro Falcato All rights reserved. + Copyright (c) 2021 - 2023 Pedro Falcato All rights reserved. =20 SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -16,8 +16,9 @@ @param[in] Entry Pointer to a EXT4_DIR_ENTRY. @param[out] Ucs2FileName Pointer to an array of CHAR16's, of siz= e EXT4_NAME_MAX + 1. =20 - @retval EFI_SUCCESS The filename was succesfully retrieved and conver= ted to UCS2. - @retval !EFI_SUCCESS Failure. + @retval EFI_SUCCESS The filename was succesfully retrieved= and converted to UCS2. + @retval EFI_INVALID_PARAMETER The filename is not valid UTF-8. + @retval !EFI_SUCCESS Failure. **/ EFI_STATUS Ext4GetUcs2DirentName ( @@ -174,10 +175,16 @@ Ext4RetrieveDirent ( * need to form valid ASCII/UTF-8 sequences. */ if (EFI_ERROR (Status)) { - // If we error out, skip this entry - // I'm not sure if this is correct behaviour, but I don't think th= ere's a precedent here. - BlockOffset +=3D Entry->rec_len; - continue; + if (Status =3D=3D EFI_INVALID_PARAMETER) { + // If we error out due to a bad UTF-8 sequence (see Ext4GetUcs2D= irentName), skip this entry. + // I'm not sure if this is correct behaviour, but I don't think = there's a precedent here. + BlockOffset +=3D Entry->rec_len; + continue; + } + + // Other sorts of errors should just error out. + FreePool (Buf); + return Status; } =20 if ((Entry->name_len =3D=3D StrLen (Name)) && @@ -436,6 +443,7 @@ Ext4ReadDir ( EXT4_FILE *TempFile; BOOLEAN ShouldSkip; BOOLEAN IsDotOrDotDot; + CHAR16 DirentUcs2Name[EXT4_NAME_MAX + 1]; =20 DirIno =3D File->Inode; Status =3D EFI_SUCCESS; @@ -505,6 +513,21 @@ Ext4ReadDir ( continue; } =20 + // Test if the dirent is valid utf-8. This is already done inside Ext4= OpenDirent but EFI_INVALID_PARAMETER + // has the danger of its meaning being overloaded in many places, so w= e can't skip according to that. + // So test outside of it, explicitly. + Status =3D Ext4GetUcs2DirentName (&Entry, DirentUcs2Name); + + if (EFI_ERROR (Status)) { + if (Status =3D=3D EFI_INVALID_PARAMETER) { + // Bad UTF-8, skip. + Offset +=3D Entry.rec_len; + continue; + } + + goto Out; + } + Status =3D Ext4OpenDirent (Partition, EFI_FILE_MODE_READ, &TempFile, &= Entry, File); =20 if (EFI_ERROR (Status)) { diff --git a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h b/Features/Ext4Pkg/Ext4Dxe/= Ext4Dxe.h index 466e49523030..41779dad855f 100644 --- a/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h +++ b/Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h @@ -944,11 +944,11 @@ Ext4StrCmpInsensitive ( Retrieves the filename of the directory entry and converts it to UTF-16= /UCS-2 =20 @param[in] Entry Pointer to a EXT4_DIR_ENTRY. - @param[out] Ucs2FileName Pointer to an array of CHAR16's, of size -EXT4_NAME_MAX + 1. + @param[out] Ucs2FileName Pointer to an array of CHAR16's, of siz= e EXT4_NAME_MAX + 1. =20 - @retval EFI_SUCCESS Unicode collation was successfully initialised. - @retval !EFI_SUCCESS Failure. + @retval EFI_SUCCESS The filename was succesfully retrieved= and converted to UCS2. + @retval EFI_INVALID_PARAMETER The filename is not valid UTF-8. + @retval !EFI_SUCCESS Failure. **/ EFI_STATUS Ext4GetUcs2DirentName ( --=20 2.39.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#98328): https://edk2.groups.io/g/devel/message/98328 Mute This Topic: https://groups.io/mt/96212635/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-