OpenCellular

scottk/OpenCellular

Fork 0

mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-25 18:55:24 +00:00

Commit Graph

Author	SHA1	Message	Date
Bill Richardson	c4e92af85a	Address some security concerns in the cgpt tool. 1. Check for potential integer overflow in sector_bytes * sector_count. 2. Added O_NOFOLLOW to open() call - Is this enough? 3. Passing buffer length to GuidToStr(), PMBRToStr(). 4. Use unsigned int in GetEntry() to determine stride. 5. Address conversion between UTF16 and UTF8. Note: The UTF conversion is complex and troublesome, and needs careful consideration to get right. For now, I've just forced the interpretation of the partition name to 7-bit ASCII. That's sufficient for the needs of Chrome OS, and I can file a new issue to handle UTF correctly. BUG=chrome-os-partner:705 TEST=manual Running "make runtests" invokes the tests/run_cgpt_tests.sh script, which checks the behavior and output of the cgpt tool. Review URL: http://codereview.chromium.org/3594010 Change-Id: I5fd29796d8c929527e0cfbc6d5ccbcdc77502c6b	2010-10-12 07:33:15 -07:00
Bill Richardson	f1372d9109	Nearly complete rewrite of cgpt tool. This fixes a number of bugs, adds a bunch of commands, and essentially makes cgpt ready to use as a replacement for gpt. Still to do is to add commands and options that will let it generated intentionally bad partitions, for use in testing. Review URL: http://codereview.chromium.org/2719008	2010-06-11 09:15:55 -07:00

Author

SHA1

Message

Date

Bill Richardson

c4e92af85a

Address some security concerns in the cgpt tool.

1. Check for potential integer overflow in sector_bytes * sector_count.
2. Added O_NOFOLLOW to open() call - Is this enough?
3. Passing buffer length to GuidToStr(), PMBRToStr().
4. Use unsigned int in GetEntry() to determine stride.
5. Address conversion between UTF16 and UTF8.

Note: The UTF conversion is complex and troublesome, and needs careful
consideration to get right. For now, I've just forced the interpretation of
the partition name to 7-bit ASCII. That's sufficient for the needs of Chrome
OS, and I can file a new issue to handle UTF correctly.

BUG=chrome-os-partner:705
TEST=manual

Running "make runtests" invokes the tests/run_cgpt_tests.sh script, which checks the behavior and output of the cgpt tool.

Review URL: http://codereview.chromium.org/3594010

Change-Id: I5fd29796d8c929527e0cfbc6d5ccbcdc77502c6b

2010-10-12 07:33:15 -07:00

Bill Richardson

f1372d9109

Nearly complete rewrite of cgpt tool.

This fixes a number of bugs, adds a bunch of commands, and essentially makes
cgpt ready to use as a replacement for gpt. Still to do is to add commands
and options that will let it generated intentionally bad partitions, for use
in testing.

Review URL: http://codereview.chromium.org/2719008

2010-06-11 09:15:55 -07:00

2 Commits