You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
components/Sataserver/src/sataserver.c has the following code for read (and very similar for write):
found = calulate_sector_offset(client, &offset, (uint32_t)sector);
if (found) {
err = sata_read_sectors(&sata_driver, drive, len / SATA_BLK_SIZE, sector + offset, packet);
where len is up to 4096, and sector is in SATA_BLK_SIZE units (typically, 512). This means that if sector points to a location within <8 blocks of the end of a partition, the read/write can go up to 3584 bytes past the end of partition, exposing up to 7 sectors at the beginning of the next partition, even if that partition is configured to be inaccessible to the Sataserver.
I fixed that bug while at HRL under DARPA HACMS contract; DARPA have subsequently released the code under distribution A. Attached patch was received directly from DARPA without any nondisclosure conditions 0002-Fixed-several-bugs-in-the-storage-driver.patch.
Note that there was an issue with this - it eliminates the limit in the buffer size for read/write. This did not cause issues with Ubuntu host, but did cause issues with CentOS hosts. A possible fix (which was not included in the DARPA-released code) is to support partial reads/writes.
The text was updated successfully, but these errors were encountered:
components/Sataserver/src/sataserver.c
has the following code for read (and very similar for write):where
len
is up to 4096, andsector
is inSATA_BLK_SIZE
units (typically, 512). This means that if sector points to a location within <8 blocks of the end of a partition, the read/write can go up to 3584 bytes past the end of partition, exposing up to 7 sectors at the beginning of the next partition, even if that partition is configured to be inaccessible to the Sataserver.I fixed that bug while at HRL under DARPA HACMS contract; DARPA have subsequently released the code under distribution A. Attached patch was received directly from DARPA without any nondisclosure conditions
0002-Fixed-several-bugs-in-the-storage-driver.patch.
Note that there was an issue with this - it eliminates the limit in the buffer size for read/write. This did not cause issues with Ubuntu host, but did cause issues with CentOS hosts. A possible fix (which was not included in the DARPA-released code) is to support partial reads/writes.
The text was updated successfully, but these errors were encountered: