From nobody Sun May 5 13:01:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1500125465028837.3499366885984; Sat, 15 Jul 2017 06:31:05 -0700 (PDT) Received: from localhost ([::1]:42153 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWN9x-0005U8-Pm for importer@patchew.org; Sat, 15 Jul 2017 09:31:01 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43290) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWN8B-0003fu-29 for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:12 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dWN8A-0002yM-7V for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:11 -0400 Received: from smtp4-g21.free.fr ([2a01:e0c:1:1599::13]:36909) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dWN88-0002xk-0w; Sat, 15 Jul 2017 09:29:08 -0400 Received: from localhost.localdomain (unknown [IPv6:2a01:e34:ee6b:9c80:6267:20ff:fe65:a488]) by smtp4-g21.free.fr (Postfix) with ESMTP id 62C8919F5C2; Sat, 15 Jul 2017 15:29:01 +0200 (CEST) From: =?UTF-8?q?Herv=C3=A9=20Poussineau?= To: qemu-devel@nongnu.org Date: Sat, 15 Jul 2017 15:28:38 +0200 Message-Id: <20170715132841.9865-2-hpoussin@reactos.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170715132841.9865-1-hpoussin@reactos.org> References: <20170715132841.9865-1-hpoussin@reactos.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Windows NT kernel [generic] [fuzzy] X-Received-From: 2a01:e0c:1:1599::13 Subject: [Qemu-devel] [PATCH 1/4] vvfat: add constants for special values of name[0] X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , =?UTF-8?q?Herv=C3=A9=20Poussineau?= , qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Signed-off-by: Herv=C3=A9 Poussineau --- block/vvfat.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/block/vvfat.c b/block/vvfat.c index 4fd28e1e87..c2674d7703 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -71,6 +71,11 @@ void nonono(const char* file, int line, const char* msg)= { =20 #endif =20 +#define DIR_DELETED 0xe5 +#define DIR_KANJI DIR_DELETED +#define DIR_KANJI_FAKE 0x05 +#define DIR_FREE 0x00 + /* dynamic array functions */ typedef struct array_t { char* pointer; @@ -466,7 +471,7 @@ static direntry_t *create_long_filename(BDRVVVFATState = *s, const char *filename) =20 static char is_free(const direntry_t* direntry) { - return direntry->name[0]=3D=3D0xe5 || direntry->name[0]=3D=3D0x00; + return direntry->name[0] =3D=3D DIR_DELETED || direntry->name[0] =3D= =3D DIR_FREE; } =20 static char is_volume_label(const direntry_t* direntry) @@ -487,7 +492,7 @@ static char is_short_name(const direntry_t* direntry) =20 static char is_directory(const direntry_t* direntry) { - return direntry->attributes & 0x10 && direntry->name[0] !=3D 0xe5; + return direntry->attributes & 0x10 && direntry->name[0] !=3D DIR_DELET= ED; } =20 static inline char is_dot(const direntry_t* direntry) @@ -589,8 +594,8 @@ static direntry_t *create_short_filename(BDRVVVFATState= *s, } } =20 - if (entry->name[0] =3D=3D 0xe5) { - entry->name[0] =3D 0x05; + if (entry->name[0] =3D=3D DIR_KANJI) { + entry->name[0] =3D DIR_KANJI_FAKE; } =20 /* numeric-tail generation */ @@ -1748,8 +1753,8 @@ static int parse_short_name(BDRVVVFATState* s, } else lfn->name[i + j + 1] =3D '\0'; =20 - if (lfn->name[0] =3D=3D 0x05) { - lfn->name[0] =3D 0xe5; + if (lfn->name[0] =3D=3D DIR_KANJI_FAKE) { + lfn->name[0] =3D DIR_KANJI; } lfn->len =3D strlen((char*)lfn->name); =20 --=20 2.11.0 From nobody Sun May 5 13:01:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 15001254827451001.5933419146678; Sat, 15 Jul 2017 06:31:22 -0700 (PDT) Received: from localhost ([::1]:42156 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWNAH-0005lL-A1 for importer@patchew.org; Sat, 15 Jul 2017 09:31:21 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43322) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWN8I-0003ur-P3 for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dWN8F-00032Q-Lp for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:18 -0400 Received: from smtp4-g21.free.fr ([212.27.42.4]:40030) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dWN8D-0002ys-5w; Sat, 15 Jul 2017 09:29:13 -0400 Received: from localhost.localdomain (unknown [IPv6:2a01:e34:ee6b:9c80:6267:20ff:fe65:a488]) by smtp4-g21.free.fr (Postfix) with ESMTP id D6A3A19F4F3; Sat, 15 Jul 2017 15:29:06 +0200 (CEST) From: =?UTF-8?q?Herv=C3=A9=20Poussineau?= To: qemu-devel@nongnu.org Date: Sat, 15 Jul 2017 15:28:39 +0200 Message-Id: <20170715132841.9865-3-hpoussin@reactos.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170715132841.9865-1-hpoussin@reactos.org> References: <20170715132841.9865-1-hpoussin@reactos.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Windows NT kernel [generic] [fuzzy] X-Received-From: 212.27.42.4 Subject: [Qemu-devel] [PATCH 2/4] vvfat: add a constant for bootsector name X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , =?UTF-8?q?Herv=C3=A9=20Poussineau?= , qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Also add links to related compatibility problems. Signed-off-by: Herv=C3=A9 Poussineau Reviewed-by: Philippe Mathieu-Daud=C3=A9 --- block/vvfat.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/block/vvfat.c b/block/vvfat.c index c2674d7703..e585a8e0be 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -71,6 +71,12 @@ void nonono(const char* file, int line, const char* msg)= { =20 #endif =20 +/* bootsector OEM name. see related compatibility problems at: + * https://jdebp.eu/FGA/volume-boot-block-oem-name-field.html + * http://seasip.info/Misc/oemid.html + */ +#define BOOTSECTOR_OEM_NAME "MSWIN4.1" + #define DIR_DELETED 0xe5 #define DIR_KANJI DIR_DELETED #define DIR_KANJI_FAKE 0x05 @@ -1028,7 +1034,7 @@ static int init_directories(BDRVVVFATState* s, bootsector->jump[0]=3D0xeb; bootsector->jump[1]=3D0x3e; bootsector->jump[2]=3D0x90; - memcpy(bootsector->name, "MSWIN4.1", 8); + memcpy(bootsector->name, BOOTSECTOR_OEM_NAME, 8); bootsector->sector_size=3Dcpu_to_le16(0x200); bootsector->sectors_per_cluster=3Ds->sectors_per_cluster; bootsector->reserved_sectors=3Dcpu_to_le16(1); --=20 2.11.0 From nobody Sun May 5 13:01:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1500125576226235.89544499997294; Sat, 15 Jul 2017 06:32:56 -0700 (PDT) Received: from localhost ([::1]:42159 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWNBl-0006vA-Vz for importer@patchew.org; Sat, 15 Jul 2017 09:32:54 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43368) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWN8N-0003zm-DD for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dWN8M-00037G-8W for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:23 -0400 Received: from smtp4-g21.free.fr ([2a01:e0c:1:1599::13]:37554) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dWN8I-00034M-HH; Sat, 15 Jul 2017 09:29:18 -0400 Received: from localhost.localdomain (unknown [IPv6:2a01:e34:ee6b:9c80:6267:20ff:fe65:a488]) by smtp4-g21.free.fr (Postfix) with ESMTP id 6234519F57C; Sat, 15 Jul 2017 15:29:12 +0200 (CEST) From: =?UTF-8?q?Herv=C3=A9=20Poussineau?= To: qemu-devel@nongnu.org Date: Sat, 15 Jul 2017 15:28:40 +0200 Message-Id: <20170715132841.9865-4-hpoussin@reactos.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170715132841.9865-1-hpoussin@reactos.org> References: <20170715132841.9865-1-hpoussin@reactos.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Windows NT kernel [generic] [fuzzy] X-Received-From: 2a01:e0c:1:1599::13 Subject: [Qemu-devel] [PATCH 3/4] vvfat: correctly parse non-ASCII short and long file names X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , =?UTF-8?q?Herv=C3=A9=20Poussineau?= , qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Write support works again when image contains non-ASCII names. It is either= the case when user created a non-ASCII filename, or when initial directory cont= ained a non-ASCII filename (since 0c36111f57ec2188f679e7fa810291b7386bdca1) Signed-off-by: Herv=C3=A9 Poussineau --- block/vvfat.c | 59 +++++++++++++++++++++++++++++++++++++------------------= ---- 1 file changed, 37 insertions(+), 22 deletions(-) diff --git a/block/vvfat.c b/block/vvfat.c index e585a8e0be..afc6170a69 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -1669,6 +1669,7 @@ typedef struct { * filename length is 0x3f * 13 bytes. */ unsigned char name[0x3f * 13 + 1]; + gunichar2 name2[0x3f * 13 + 1]; int checksum, len; int sequence_number; } long_file_name; @@ -1690,16 +1691,21 @@ static int parse_long_name(long_file_name* lfn, return 1; =20 if (pointer[0] & 0x40) { + /* first entry; do some initialization */ lfn->sequence_number =3D pointer[0] & 0x3f; lfn->checksum =3D pointer[13]; lfn->name[0] =3D 0; lfn->name[lfn->sequence_number * 13] =3D 0; - } else if ((pointer[0] & 0x3f) !=3D --lfn->sequence_number) + } else if ((pointer[0] & 0x3f) !=3D --lfn->sequence_number) { + /* not the expected sequence number */ return -1; - else if (pointer[13] !=3D lfn->checksum) + } else if (pointer[13] !=3D lfn->checksum) { + /* not the expected checksum */ return -2; - else if (pointer[12] || pointer[26] || pointer[27]) + } else if (pointer[12] || pointer[26] || pointer[27]) { + /* invalid zero fields */ return -3; + } =20 offset =3D 13 * (lfn->sequence_number - 1); for (i =3D 0, j =3D 1; i < 13; i++, j+=3D2) { @@ -1708,16 +1714,29 @@ static int parse_long_name(long_file_name* lfn, else if (j =3D=3D 26) j =3D 28; =20 - if (pointer[j+1] =3D=3D 0) - lfn->name[offset + i] =3D pointer[j]; - else if (pointer[j+1] !=3D 0xff || (pointer[0] & 0x40) =3D=3D 0) - return -4; - else - lfn->name[offset + i] =3D 0; + if (pointer[j] =3D=3D 0 && pointer[j + 1] =3D=3D 0) { + /* end of long file name */ + break; + } + gunichar2 c =3D (pointer[j + 1] << 8) + pointer[j]; + lfn->name2[offset + i] =3D c; } =20 - if (pointer[0] & 0x40) - lfn->len =3D offset + strlen((char*)lfn->name + offset); + if (pointer[0] & 0x40) { + /* first entry; set len */ + lfn->len =3D offset + i; + } + if ((pointer[0] & 0x3f) =3D=3D 0x01) { + /* last entry; finalize entry */ + glong olen; + gchar *utf8 =3D g_utf16_to_utf8(lfn->name2, lfn->len, NULL, &olen,= NULL); + if (!utf8) { + return -4; + } + lfn->len =3D olen; + memcpy(lfn->name, utf8, olen + 1); + g_free(utf8); + } =20 return 0; } @@ -1733,12 +1752,14 @@ static int parse_short_name(BDRVVVFATState* s, =20 for (j =3D 7; j >=3D 0 && direntry->name[j] =3D=3D ' '; j--); for (i =3D 0; i <=3D j; i++) { - if (direntry->name[i] <=3D ' ' || direntry->name[i] > 0x7f) + uint8_t c =3D direntry->name[i]; + if (c !=3D to_valid_short_char(c)) { return -1; - else if (s->downcase_short_names) + } else if (s->downcase_short_names) { lfn->name[i] =3D qemu_tolower(direntry->name[i]); - else + } else { lfn->name[i] =3D direntry->name[i]; + } } =20 for (j =3D 2; j >=3D 0 && direntry->name[8 + j] =3D=3D ' '; j--) { @@ -1748,7 +1769,7 @@ static int parse_short_name(BDRVVVFATState* s, lfn->name[i + j + 1] =3D '\0'; for (;j >=3D 0; j--) { uint8_t c =3D direntry->name[8 + j]; - if (c <=3D ' ' || c > 0x7f) { + if (c !=3D to_valid_short_char(c)) { return -2; } else if (s->downcase_short_names) { lfn->name[i + j] =3D qemu_tolower(c); @@ -2966,7 +2987,6 @@ DLOG(checkpoint()); /* * Some sanity checks: * - do not allow writing to the boot sector - * - do not allow to write non-ASCII filenames */ =20 if (sector_num < s->offset_to_fat) @@ -3000,13 +3020,8 @@ DLOG(checkpoint()); direntries =3D (direntry_t*)(buf + 0x200 * (begin - sector= _num)); =20 for (k =3D 0; k < (end - begin) * 0x10; k++) { - /* do not allow non-ASCII filenames */ - if (parse_long_name(&lfn, direntries + k) < 0) { - fprintf(stderr, "Warning: non-ASCII filename\n"); - return -1; - } /* no access to the direntry of a read-only file */ - else if (is_short_name(direntries+k) && + if (is_short_name(direntries + k) && (direntries[k].attributes & 1)) { if (memcmp(direntries + k, array_get(&(s->directory), dir_index += k), --=20 2.11.0 From nobody Sun May 5 13:01:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 150012547838252.92025437920256; Sat, 15 Jul 2017 06:31:18 -0700 (PDT) Received: from localhost ([::1]:42155 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWNAC-0005hU-3P for importer@patchew.org; Sat, 15 Jul 2017 09:31:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43393) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dWN8R-00043a-8A for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:28 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dWN8Q-00038B-CZ for qemu-devel@nongnu.org; Sat, 15 Jul 2017 09:29:27 -0400 Received: from smtp4-g21.free.fr ([2a01:e0c:1:1599::13]:37817) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dWN8O-00037a-1z; Sat, 15 Jul 2017 09:29:24 -0400 Received: from localhost.localdomain (unknown [IPv6:2a01:e34:ee6b:9c80:6267:20ff:fe65:a488]) by smtp4-g21.free.fr (Postfix) with ESMTP id D981119F5A1; Sat, 15 Jul 2017 15:29:17 +0200 (CEST) From: =?UTF-8?q?Herv=C3=A9=20Poussineau?= To: qemu-devel@nongnu.org Date: Sat, 15 Jul 2017 15:28:41 +0200 Message-Id: <20170715132841.9865-5-hpoussin@reactos.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170715132841.9865-1-hpoussin@reactos.org> References: <20170715132841.9865-1-hpoussin@reactos.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Windows NT kernel [generic] [fuzzy] X-Received-From: 2a01:e0c:1:1599::13 Subject: [Qemu-devel] [PATCH 4/4] vvfat: initialize memory after allocating it X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , =?UTF-8?q?Herv=C3=A9=20Poussineau?= , qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This prevents some host to guest memory content leaks. Fixes: https://bugs.launchpad.net/qemu/+bug/1599539 Signed-off-by: Herv=C3=A9 Poussineau --- block/vvfat.c | 1 + 1 file changed, 1 insertion(+) diff --git a/block/vvfat.c b/block/vvfat.c index afc6170a69..7340decef3 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -115,6 +115,7 @@ static inline int array_ensure_allocated(array_t* array= , int index) array->pointer =3D g_realloc(array->pointer, new_size); if (!array->pointer) return -1; + memset(array->pointer + array->size, 0, new_size - array->size); array->size =3D new_size; array->next =3D index + 1; } --=20 2.11.0