> is_gpt_valid() already contains
> pt_size = (u64)le32_to_cpu((*gpt)->num_partition_entries) *
> le32_to_cpu((*gpt)->sizeof_partition_entry);
> if (pt_size > KMALLOC_MAX_SIZE)
> pr_debug("GUID Partition Table is too large: %llu > %lu bytes\n",
> (unsigned long long)pt_size, KMALLOC_MAX_SIZE);
> goto fail;
> }
> I guess it good enough for sanity check.
>
> If you want to be really paranoid than you can also check that array
> is possible to store to the expected area on the disk:
>
> pt_size <= (gpt->first_usable_lba - gpt->partition_entry_lba)
>
Well, we should apply several checks for different cases:
- primary GPT: table entries should not override gpt->first_usable_lba
- alternate GPT, table entries BEFORE agpt (agpt->partition_entry_lba
< agpt_lba): table entries should not override agpt_lba AND
agpt->partition_entry_lba MUST BE more than agpt->last_usable_lba
- alternate GPT, table entries AFTER agpt (agpt->partition_entry_lba >
agpt_lba): table entries should not override the end of the disk
Is this correct?
--
Eugene
