From 89563b0cc86743a0f5869e076b115701111f8a02 Mon Sep 17 00:00:00 2001 From: Zachary Travis Date: Fri, 16 Aug 2024 10:06:27 -0700 Subject: [PATCH 1/2] Test --- libpff/libpff_name_to_id_map.c | 63 +++++++++++++++------------------- 1 file changed, 28 insertions(+), 35 deletions(-) diff --git a/libpff/libpff_name_to_id_map.c b/libpff/libpff_name_to_id_map.c index 9aea67e..1246968 100644 --- a/libpff/libpff_name_to_id_map.c +++ b/libpff/libpff_name_to_id_map.c @@ -365,41 +365,34 @@ int libpff_name_to_id_map_read( goto on_error; } - if( name_to_id_map_entries_data == NULL ) - { - libcerror_error_set( - error, - LIBCERROR_ERROR_DOMAIN_RUNTIME, - LIBCERROR_RUNTIME_ERROR_VALUE_MISSING, - "%s: missing name to id map entries data.", - function ); - - goto on_error; - } - if( ( name_to_id_map_entries_data_size == 0 ) - || ( name_to_id_map_entries_data_size > (size_t) SSIZE_MAX ) ) - { - libcerror_error_set( - error, - LIBCERROR_ERROR_DOMAIN_RUNTIME, - LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS, - "%s: invalid name to id map entries data size value out of bounds.", - function ); - - goto on_error; - } - if( ( name_to_id_map_entries_data_size % 8 ) != 0 ) - { - libcerror_error_set( - error, - LIBCERROR_ERROR_DOMAIN_RUNTIME, - LIBCERROR_RUNTIME_ERROR_UNSUPPORTED_VALUE, - "%s: unsupported name to id map entries size.", - function ); - - goto on_error; - } - number_of_name_to_id_map_entries = (uint32_t) ( name_to_id_map_entries_data_size / 8 ); + if( name_to_id_map_entries_data == NULL || name_to_id_map_entries_data_size == 0) + { + number_of_name_to_id_map_entries = 0; + } else { + if(( name_to_id_map_entries_data_size > (size_t) SSIZE_MAX ) ) + { + libcerror_error_set( + error, + LIBCERROR_ERROR_DOMAIN_RUNTIME, + LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS, + "%s: invalid name to id map entries data size value out of bounds.", + function ); + + goto on_error; + } + if( ( name_to_id_map_entries_data_size % 8 ) != 0 ) + { + libcerror_error_set( + error, + LIBCERROR_ERROR_DOMAIN_RUNTIME, + LIBCERROR_RUNTIME_ERROR_UNSUPPORTED_VALUE, + "%s: unsupported name to id map entries size.", + function ); + + goto on_error; + } + number_of_name_to_id_map_entries = (uint32_t) ( name_to_id_map_entries_data_size / 8 ); + } if( libpff_table_get_record_entry_by_type( item_values->table, From f28e7f2195b95910668c0fd705f228110ae00e98 Mon Sep 17 00:00:00 2001 From: Zachary Travis Date: Fri, 16 Aug 2024 13:39:22 -0700 Subject: [PATCH 2/2] Two more fixes --- libpff/libpff_local_descriptors.c | 1 + libpff/libpff_name_to_id_map.c | 16 ++-------------- 2 files changed, 3 insertions(+), 14 deletions(-) diff --git a/libpff/libpff_local_descriptors.c b/libpff/libpff_local_descriptors.c index 2b47b9e..9406fd1 100644 --- a/libpff/libpff_local_descriptors.c +++ b/libpff/libpff_local_descriptors.c @@ -371,6 +371,7 @@ int libpff_local_descriptors_get_leaf_node_from_node_by_identifier( { return( 0 ); } + result = 0; if( offsets_index_value == NULL ) { libcerror_error_set( diff --git a/libpff/libpff_name_to_id_map.c b/libpff/libpff_name_to_id_map.c index 1246968..2f1aeca 100644 --- a/libpff/libpff_name_to_id_map.c +++ b/libpff/libpff_name_to_id_map.c @@ -445,19 +445,7 @@ int libpff_name_to_id_map_read( goto on_error; } - if( name_to_id_map_class_identifiers_data == NULL ) - { - libcerror_error_set( - error, - LIBCERROR_ERROR_DOMAIN_RUNTIME, - LIBCERROR_RUNTIME_ERROR_VALUE_MISSING, - "%s: missing name to id map class identifiers data.", - function ); - - goto on_error; - } - if( ( name_to_id_map_class_identifiers_data_size == 0 ) - || ( name_to_id_map_class_identifiers_data_size > (size64_t) SSIZE_MAX ) ) + if( (name_to_id_map_class_identifiers_data_size > (size64_t) SSIZE_MAX ) ) { libcerror_error_set( error, @@ -660,7 +648,7 @@ int libpff_name_to_id_map_entry_read( return( -1 ); } - if( ( name_to_id_map_class_identifiers_data_size < 16 ) + if( ( name_to_id_map_class_identifiers_data_size < 0 ) || ( name_to_id_map_class_identifiers_data_size > (size_t) SSIZE_MAX ) ) { libcerror_error_set(