[src/trunk]: src/sys/lib/libsa Fix cd9660_read() to not read past the end of ...

[mhitch <mhitch%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/115612b09713
branches:  trunk
changeset: 780419:115612b09713
user:      mhitch <mhitch%NetBSD.org@localhost>
date:      Mon Jul 23 00:49:20 2012 +0000

description:
Fix cd9660_read() to not read past the end of the file.  This would result
in incorrect resid values, and causes the read of /boot.cfg to ignore the
file.  If the requested transfer extends past the end of the file, force
the internal buffer to be used, and when transferring data from the
internal buffer, limit the transfer to what's left in the file.  CDROM
boot will now process the /boot.cfg file.

diffstat:

 sys/lib/libsa/cd9660.c |  5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diffs (26 lines):

diff -r 112afdf57fc0 -r 115612b09713 sys/lib/libsa/cd9660.c
--- a/sys/lib/libsa/cd9660.c    Mon Jul 23 00:25:41 2012 +0000
+++ b/sys/lib/libsa/cd9660.c    Mon Jul 23 00:49:20 2012 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: cd9660.c,v 1.28 2011/12/25 06:09:08 tsutsui Exp $      */
+/*     $NetBSD: cd9660.c,v 1.29 2012/07/23 00:49:20 mhitch Exp $       */
 
 /*
  * Copyright (C) 1996 Wolfgang Solfrank.
@@ -318,6 +318,7 @@
                        break;
                bno = fp->off / ISO_DEFAULT_BLOCK_SIZE + fp->bno;
                if (fp->off & (ISO_DEFAULT_BLOCK_SIZE - 1)
+                   || (fp->off + ISO_DEFAULT_BLOCK_SIZE) > fp->size
                    || size < ISO_DEFAULT_BLOCK_SIZE)
                        dp = buf;
                else
@@ -336,6 +337,8 @@
                        if (nread > off + size)
                                nread = off + size;
                        nread -= off;
+                       if (nread > fp->size - fp->off)
+                               nread = fp->size - fp->off;
                        memcpy(start, buf + off, nread);
                        start = (char *)start + nread;
                        fp->off += nread;