mirrors/rufus
1
0
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2025-05-17 16:44:27 -04:00
Code Issues Projects Releases Packages Wiki Activity

[syslinux] fix a crash if the downloaded Syslinux content has been modified

Browse source 
* Some stupid corporate firewalls will return garbage content for ldlinux.bss/ldlinux.sys
  instead of a 403 (as they really should), which creates an issue with the code written
  by the Syslinux people, as they forgot to check for potential overflows...
This commit is contained in:
Pete Batard 2015-10-28 23:17:55 +00:00
parent c12977a164
commit ad68ccfac9
3 changed files with 13 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/rufus.rc
View file

@ -32,7 +32,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
IDD_DIALOG DIALOGEX 12, 12, 242, 376 IDD_DIALOG DIALOGEX 12, 12, 242, 376
STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Rufus 2.5.799" CAPTION "Rufus 2.5.800"
FONT 8, "Segoe UI Symbol", 400, 0, 0x0 FONT 8, "Segoe UI Symbol", 400, 0, 0x0
BEGIN BEGIN
LTEXT "Device",IDS_DEVICE_TXT,9,6,200,8 LTEXT "Device",IDS_DEVICE_TXT,9,6,200,8
@ -319,8 +319,8 @@ END
// //
VS_VERSION_INFO VERSIONINFO VS_VERSION_INFO VERSIONINFO
FILEVERSION 2,5,799,0 FILEVERSION 2,5,800,0
PRODUCTVERSION 2,5,799,0 PRODUCTVERSION 2,5,800,0
FILEFLAGSMASK 0x3fL FILEFLAGSMASK 0x3fL
#ifdef _DEBUG #ifdef _DEBUG
FILEFLAGS 0x1L FILEFLAGS 0x1L
@ -337,13 +337,13 @@ BEGIN
BEGIN BEGIN
VALUE "CompanyName", "Akeo Consulting (http://akeo.ie)" VALUE "CompanyName", "Akeo Consulting (http://akeo.ie)"
VALUE "FileDescription", "Rufus" VALUE "FileDescription", "Rufus"
VALUE "FileVersion", "2.5.799" VALUE "FileVersion", "2.5.800"
VALUE "InternalName", "Rufus" VALUE "InternalName", "Rufus"
VALUE "LegalCopyright", "© 2011-2015 Pete Batard (GPL v3)" VALUE "LegalCopyright", "© 2011-2015 Pete Batard (GPL v3)"
VALUE "LegalTrademarks", "http://www.gnu.org/copyleft/gpl.html" VALUE "LegalTrademarks", "http://www.gnu.org/copyleft/gpl.html"
VALUE "OriginalFilename", "rufus.exe" VALUE "OriginalFilename", "rufus.exe"
VALUE "ProductName", "Rufus" VALUE "ProductName", "Rufus"
VALUE "ProductVersion", "2.5.799" VALUE "ProductVersion", "2.5.800"
END END
END END
BLOCK "VarFileInfo" BLOCK "VarFileInfo"

7
src/syslinux.c
View file

@ -122,7 +122,7 @@ BOOL InstallSyslinux(DWORD drive_index, char drive_letter, int fs_type)
sectbuf = malloc(SECTOR_SIZE); sectbuf = malloc(SECTOR_SIZE);
if (sectbuf == NULL) if (sectbuf == NULL)
goto out; goto out;
/* Initialize the ADV -- this should be smarter */ /* Initialize the ADV -- this should be smarter */
syslinux_reset_adv(syslinux_adv); syslinux_reset_adv(syslinux_adv);
@ -262,7 +262,10 @@ BOOL InstallSyslinux(DWORD drive_index, char drive_letter, int fs_type)
} }
/* Patch ldlinux.sys and the boot sector */ /* Patch ldlinux.sys and the boot sector */
syslinux_patch(sectors, nsectors, 0, 0, NULL, NULL); if (syslinux_patch(sectors, nsectors, 0, 0, NULL, NULL) < 0) {
uprintf("Could not patch Syslinux files");
goto out;
}
/* Rewrite the file */ /* Rewrite the file */
if (SetFilePointer(f_handle, 0, NULL, FILE_BEGIN) != 0 || if (SetFilePointer(f_handle, 0, NULL, FILE_BEGIN) != 0 ||

4
src/syslinux/libinstaller/syslxmod.c
View file

@ -123,9 +123,11 @@ int syslinux_patch(const sector_t *sectp, int nsectors,
/* Search for LDLINUX_MAGIC to find the patch area */ /* Search for LDLINUX_MAGIC to find the patch area */
for (wp = (const uint32_t _slimg *)boot_image; for (wp = (const uint32_t _slimg *)boot_image;
get_32_sl(wp) != LDLINUX_MAGIC; (get_32_sl(wp) != LDLINUX_MAGIC) && (((uintptr_t)wp) < ((uintptr_t)boot_image + boot_image_len));
wp++) wp++)
; ;
if (((uintptr_t)wp) >= ((uintptr_t)boot_image + boot_image_len))
return -1;
patcharea = (struct patch_area _slimg *)wp; patcharea = (struct patch_area _slimg *)wp;
epa = slptr(boot_image, &patcharea->epaoffset); epa = slptr(boot_image, &patcharea->epaoffset);