From db11ac1ab56bc13514a029e7d126c5efe2c68bc2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Sat, 18 Aug 2012 00:37:21 +0200
Subject: journald: add additional simple static tests to verifier
---
 src/journal/journal-verify.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
(limited to 'src/journal/journal-verify.c')
diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c
index f9a930e42e..7be0d2e5d7 100644
--- a/src/journal/journal-verify.c
+++ b/src/journal/journal-verify.c
@@ -45,6 +45,8 @@
 * */
 static int journal_file_object_verify(JournalFile *f, Object *o) {
+ uint64_t i;
+
 assert(f);
 assert(o);
@@ -87,12 +89,22 @@ static int journal_file_object_verify(JournalFile *f, Object *o) {
 if (h1 != h2)
 return -EBADMSG;
+ if (!VALID64(o->data.next_hash_offset) ||
+ !VALID64(o->data.next_field_offset) ||
+ !VALID64(o->data.entry_offset) ||
+ !VALID64(o->data.entry_array_offset))
+ return -EBADMSG;
+
 break;
 }
 case OBJECT_FIELD:
 if (le64toh(o->object.size) - offsetof(FieldObject, payload) <= 0)
 return -EBADMSG;
+
+ if (!VALID64(o->field.next_hash_offset) ||
+ !VALID64(o->field.head_data_offset))
+ return -EBADMSG;
 break;
 case OBJECT_ENTRY:
@@ -106,6 +118,12 @@ static int journal_file_object_verify(JournalFile *f, Object *o) {
 le64toh(o->entry.realtime) <= 0)
 return -EBADMSG;
+ for (i = 0; i < journal_file_entry_n_items(o); i++) {
+ if (o->entry.items[i].object_offset == 0 ||
+ !VALID64(o->entry.items[i].object_offset))
+ return -EBADMSG;
+ }
+
 break;
 case OBJECT_DATA_HASH_TABLE:
@@ -125,6 +143,9 @@ static int journal_file_object_verify(JournalFile *f, Object *o) {
 if ((le64toh(o->object.size) - offsetof(EntryArrayObject, items)) / sizeof(le64_t) <= 0)
 return -EBADMSG;
+ if (!VALID64(o->entry_array.next_entry_array_offset))
+ return -EBADMSG;
+
 break;
 case OBJECT_TAG:
-- cgit v1.2.3-54-g00ecf
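Review bot: The new `VALID64()` calls in the OBJECT_DATA and OBJECT_FIELD cases are handed the on-disk fields raw, whereas the neighbouring size checks in this function convert with `le64toh()` before testing. VALID64's definition is not visible here; if it tests low-order bits for alignment, a big-endian host would examine the wrong byte and could accept misaligned offsets from a corrupted or tampered journal, or reject valid ones. I would write `!VALID64(le64toh(o->data.next_hash_offset))` and do the same for the other fields, including `items[i].object_offset` in the @@ -106 hunk and `next_entry_array_offset` in the @@ -125 hunk. The function body starts and ends outside these hunks.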
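Review bot: The loop added in the OBJECT_ENTRY case reads `o->entry.items[i]` up to `journal_file_entry_n_items(o)`, a count that presumably derives from the size field of the object being verified, and nothing visible in this hunk bounds it. The size checks visible in the other cases subtract `offsetof(...)` from an unsigned size and compare `<= 0`, which catches only equality, so a size smaller than the header wraps to a huge value. If the entry case uses the same form (its size check lies outside the hunk), a truncated object could drive the loop past the object's mapped bytes; I would add `if (le64toh(o->object.size) < offsetof(EntryObject, items)) return -EBADMSG;` ahead of the loop. Reading the count once into a local before the loop would also make the bound explicit.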