From 9790b81959fc31e0690380ef5c3b6e7e4a6b9802 Mon Sep 17 00:00:00 2001
From: Liav A
Date: Sat, 18 Feb 2023 16:44:16 +0200
Subject: [PATCH] Kernel/FileSystem: Add check of read offset for the FATInode code

Apparently we lacked this important check from the beginning of this piece of code. This check is crucial to ensure we only give back data being related to the FATInode data buffer and nothing beyond it.
---
 Kernel/FileSystem/FATFS/Inode.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Kernel/FileSystem/FATFS/Inode.cpp b/Kernel/FileSystem/FATFS/Inode.cpp
index 0dcd95468c..6683a77917 100644
--- a/Kernel/FileSystem/FATFS/Inode.cpp
+++ b/Kernel/FileSystem/FATFS/Inode.cpp
@@ -201,6 +201,9 @@ u32 FATInode::first_cluster() const
 ErrorOr FATInode::read_bytes_locked(off_t offset, size_t size, UserOrKernelBuffer& buffer, OpenFileDescription*) const
 {
 dbgln_if(FAT_DEBUG, "FATFS: Reading inode {}: size: {} offset: {}", identifier().index(), size, offset);
+ VERIFY(offset >= 0);
+ if (offset >= m_metadata.size)
+ return 0;
 
 // FIXME: Read only the needed blocks instead of the whole file
 auto blocks = TRY(const_cast(*this).read_block_list());
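Review bot: The added guard `if (offset >= m_metadata.size)` bounds only the start of the read, and it compares against the size recorded in the inode metadata rather than the length of the buffer that `read_block_list()` returns just below it. On a FAT volume the recorded file size presumably comes from the directory entry while the data length follows the cluster chain, so a corrupted or crafted image can make the two disagree; the copy that follows should clamp both `offset` and `size` to the smaller of the two lengths. That copy is outside the hunk (the function body continues past the last context line), so confirm it already limits the length to `m_metadata.size - offset` and to the buffer actually read. `VERIFY(offset >= 0)` is an assertion that stops the kernel rather than returning an error, which is only right if every caller has already rejected negative offsets; a comment such as `// Callers guarantee a non-negative offset; a negative value here is a kernel bug.` would record that assumption.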