[ros-diffs] [pschweitzer] 65186: [NTFS] Fix a really nasty bug in NTFS: it was possible to perform a buffer overflow when reading the bitmap data.

pschweitzer Sun, 02 Nov 2014 09:54:42 -0800

Author: pschweitzer
Date: Sun Nov  2 17:53:18 2014
New Revision: 65186

URL: http://svn.reactos.org/svn/reactos?rev=65186&view=rev
Log:
[NTFS]
Fix a really nasty bug in NTFS: it was possible to perform a buffer overflow 
when reading the bitmap data.


Modified:
    trunk/reactos/drivers/filesystems/ntfs/volinfo.c

Modified: trunk/reactos/drivers/filesystems/ntfs/volinfo.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/filesystems/ntfs/volinfo.c?rev=65186&r1=65185&r2=65186&view=diff
==============================================================================
--- trunk/reactos/drivers/filesystems/ntfs/volinfo.c    [iso-8859-1] (original)
+++ trunk/reactos/drivers/filesystems/ntfs/volinfo.c    [iso-8859-1] Sun Nov  2 
17:53:18 2014
@@ -70,7 +70,7 @@
 
     BitmapDataSize = AttributeDataLength(&DataContext->Record);
     ASSERT((BitmapDataSize * 8) >= (DeviceExt->NtfsInfo.SectorCount / 
DeviceExt->NtfsInfo.SectorsPerCluster));
-    BitmapData = ExAllocatePoolWithTag(NonPagedPool, BitmapDataSize, TAG_NTFS);
+    BitmapData = ExAllocatePoolWithTag(NonPagedPool, ROUND_UP(BitmapDataSize, 
DeviceExt->NtfsInfo.BytesPerSector), TAG_NTFS);
     if (BitmapData == NULL)
     {
         ReleaseAttributeContext(DataContext);

[ros-diffs] [pschweitzer] 65186: [NTFS] Fix a really nasty bug in NTFS: it was possible to perform a buffer overflow when reading the bitmap data.

Reply via email to