le32 tag;
/* Size of the data of this tagged item, in bytes. This excludes this
- * header and should be a multiple of 8.
- *
- * (Actually, the MS implementation seems to round this up to an 8 byte
- * boundary when calculating the offset to the next tagged item, but
- * uses this length unmodified when validating the item. We might as
- * well do the same.) */
+ * header and should be a multiple of 8. */
le32 length;
/* Variable length data */
u32 desired_tag, u32 min_data_len)
{
size_t minlen_with_hdr = sizeof(struct tagged_item_header) + min_data_len;
- size_t len_remaining = inode->i_extra_size;
- u8 *p = inode->i_extra;
+ size_t len_remaining;
+ u8 *p;
+
+ if (!inode->i_extra)
+ return NULL;
+
+ len_remaining = inode->i_extra->size;
+ p = inode->i_extra->data;
/* Iterate through the tagged items. */
while (len_remaining >= minlen_with_hdr) {
hdr = (struct tagged_item_header *)p;
tag = le32_to_cpu(hdr->tag);
- len = le32_to_cpu(hdr->length);
+ len = ALIGN(le32_to_cpu(hdr->length), 8);
+ /* Length overflow? */
+ if (unlikely(len > len_remaining - sizeof(struct tagged_item_header)))
+ return NULL;
+
+ /* Matches the item we wanted? */
if (tag == desired_tag && len >= min_data_len)
return hdr->data;
- len = (len + 7) & ~7;
- if (len_remaining <= sizeof(struct tagged_item_header) + len)
- return NULL;
len_remaining -= sizeof(struct tagged_item_header) + len;
p += sizeof(struct tagged_item_header) + len;
}
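Review bot: Rounding the stored length up before the bounds check, `len = ALIGN(le32_to_cpu(hdr->length), 8);`, can wrap to 0 when the on-disk value is within 7 of the 32-bit maximum, assuming `len` is a 32-bit variable (its declaration is outside the hunk, as are the function's signature and end). A wrapped length passes the "Length overflow?" test, so a malformed item is treated as empty rather than ending the walk, and the loop then reads that item's payload as the next header. Rejecting the raw value first, with `if (unlikely(le32_to_cpu(hdr->length) > len_remaining - sizeof(struct tagged_item_header))) return NULL;` ahead of the `ALIGN`, avoids this for any buffer smaller than 4 GiB. Separately, `len >= min_data_len` now compares the rounded length, so an item whose stored length is shorter than `min_data_len` can still match and the caller reads padding bytes as data. If that is intended, a comment such as `/* min_data_len is checked against the padded length, as the MS implementation does */` should say so, since this commit removes the header comment that described the earlier behaviour.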
{
size_t itemsize;
size_t newsize;
- u8 *buf;
+ struct wim_inode_extra *extra;
struct tagged_item_header *hdr;
/* We prepend the item instead of appending it because it's easier. */
- itemsize = sizeof(struct tagged_item_header) + ((len + 7) & ~7);
- newsize = itemsize + inode->i_extra_size;
+ itemsize = sizeof(struct tagged_item_header) + ALIGN(len, 8);
+ newsize = itemsize;
+ if (inode->i_extra)
+ newsize += inode->i_extra->size;
- buf = MALLOC(newsize);
- if (!buf)
+ extra = MALLOC(sizeof(struct wim_inode_extra) + newsize);
+ if (!extra)
return NULL;
-
- if (inode->i_extra_size) {
- memcpy(buf + itemsize, inode->i_extra, inode->i_extra_size);
+ if (inode->i_extra) {
+ memcpy(&extra->data[itemsize], inode->i_extra->data,
+ inode->i_extra->size);
FREE(inode->i_extra);
}
- inode->i_extra = buf;
- inode->i_extra_size = newsize;
+ extra->size = newsize;
+ inode->i_extra = extra;
- hdr = (struct tagged_item_header *)buf;
+ hdr = (struct tagged_item_header *)extra->data;
hdr->tag = cpu_to_le32(tag);
hdr->length = cpu_to_le32(len);
- return memset(hdr->data, 0, (len + 7) & ~7);
+ return memset(hdr->data, 0, ALIGN(len, 8));
}
static inline struct wimlib_unix_data_disk *
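Review bot: The size arithmetic in the new allocation path is unchecked, so `ALIGN(len, 8)`, `newsize += inode->i_extra->size` and `sizeof(struct wim_inode_extra) + newsize` can each wrap for a large `len`. The parameter's type and the callers are outside the hunk, so whether that is reachable cannot be told from here. After a wrap the buffer is smaller than requested, while `hdr->length = cpu_to_le32(len)` still records the unrounded value and the caller gets `hdr->data` to fill. If every caller passes a small fixed structure size, a one-line comment on the function stating that precondition is enough. Otherwise compute the padded size once and reject a wrap, `size_t padded = ALIGN((size_t)len, 8);` followed by `if (padded < len) return NULL;`, then reuse `padded` for `itemsize` and the final `memset`.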