From 6faf979386282a1b9be4c74d8ef7d64d107b3e3d Mon Sep 17 00:00:00 2001
From: "H. Peter Anvin" <hpa@zytor.com>
Date: Fri, 5 Mar 2010 10:58:42 -0800
Subject: [PATCH] VFAT: handle filenames with are exact multiples of 13

Filenames in VFAT that are exact multiples of 13 are not
null-terminated; handle that particular subcase.

Reported-by: Gert Hulselmans <gerth@zytor.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
---
 core/fs/fat/fat.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/core/fs/fat/fat.c b/core/fs/fat/fat.c
index fbd524d..3fe5521 100644
--- a/core/fs/fat/fat.c
+++ b/core/fs/fat/fat.c
@@ -1,3 +1,4 @@
+#include <dprintf.h>
 #include <stdio.h>
 #include <string.h>
 #include <sys/dirent.h>
@@ -320,11 +321,12 @@ static void mangle_dos_name(char *mangle_buf, const char *src)
 static bool vfat_match_longname(const char *str, const uint16_t *match,
 				int len)
 {
-    unsigned char c;
+    unsigned char c = -1;	/* Nonzero: we have not yet seen NUL */
     uint16_t cp;
 
-    while (len--) {
-	cp = *match++;
+    while (len && (cp = *match)) {
+	match++;
+	len--;
 	c = *str++;
 	if (cp != codepage.uni[0][c] && cp != codepage.uni[1][c])
 	    return false;
@@ -332,7 +334,12 @@ static bool vfat_match_longname(const char *str, const uint16_t *match,
 	    break;
     }
 
-    if (c)
+    /*
+     * If the filename is an exact multiple of 13, we have not yet
+     * consumed the final null byte... make sure the next thing in the
+     * pattern string really is a null byte.
+     */
+    if (c && *str)
 	return false;
 
     /* Any padding entries must be FFFF */
-- 
2.7.4