The cluster size specifies how many sectors make up a cluster. A cluster size of zero makes no sense, as it would mean that the cluster is made up of no sectors. This will later lead into a division by zero in sect_to_clust(), so better take care of that early.

The MAX_CLUSTSIZE define can reduced using a define to make some room in low-memory system. Unfortunately if the code reads a filesystem with a bigger cluster size it will overflow the buffer.

Signed-off-by: Patrick Wildt patrick@blueri.se --- fs/fat/fat.c | 11 +++++++++++ 1 file changed, 11 insertions(+)

diff --git a/fs/fat/fat.c b/fs/fat/fat.c index cadf3d039f0..ac8913e7192 100644 --- a/fs/fat/fat.c +++ b/fs/fat/fat.c @@ -571,6 +571,17 @@ static int get_fs_info(fsdata *mydata) mydata->sect_size, cur_part_info.blksz); return -1; } + if (mydata->clust_size == 0) { + printf("Error: FAT cluster size not set\n"); + return -1; + } + if ((unsigned int)mydata->clust_size * mydata->sect_size > + MAX_CLUSTSIZE) { + printf("Error: FAT cluster size too big (cs=%u, max=%u)\n", + (unsigned int)mydata->clust_size * mydata->sect_size, + MAX_CLUSTSIZE); + return -1; + }

if (mydata->fatsize == 32) { mydata->data_begin = mydata->rootdir_sect -