Bug Fixes
-
SCSI defect list bounds check (32-bit) — A previous release fixed an out-of-bounds memory access in SCSI defect list handling on 64-bit builds. This patch extends the same guard to 32-bit builds.
-
Fast-format MBR erase on SATA — Fixed a logic error where fast-format incorrectly assumed ATA Zeros Ext was always available. On hardware that does not support that command, the MBR erase step was silently skipped. If the drive had a valid MBR — including a protective MBR from a GPT-partitioned disk — the drive could become unpartitionable after a sector-size change unless erased with another tool like openSeaChest_Erase after a power cycle to the system was completed.
-
json-c header installation — Fixed an issue where json-c headers were being installed from builds sourced directly from this GitHub repository. (#327)
-
Additional memory safety guards — Several operations that allocate memory based on device-reported values received the same class of fix applied to the SCSI defect list. A maliciously crafted or buggy device could return an abnormally large count that causes the calculated allocation size to wrap around, leading to an undersized buffer and a subsequent out-of-bounds write. None of these conditions are reachable with real, spec-compliant hardware. The affected operations are:
- Partition info (
--showPartitionInfo) — A GPT header reporting ≥ ~31.5 million partition entries (far beyond what the UEFI specification permits) could trigger a heap overflow on 32-bit builds. - SAS firmware download info (
--showFWDLInfo) — A response to the Report Supported Operation Codes command returning a total length >0xFFFFFFFCcould trigger an out-of-bounds read and write. - Set Max LBA model number mapping — A device reporting an abnormally large number of capacity/model-number descriptors (beyond what the ATA or SCSI specifications allow) could trigger a similar overflow.
- Partition info (
-
SCSI log and VPD page parser robustness — Added realistic upper-bound checks when iterating over SCSI log pages, subpages, and VPD page lists. A device returning a malformed or oversized page length value could cause a
uint16_tloop variable to wrap, which in at least one code path could produce an infinite loop that could never exit. These checks ensure all loops terminate correctly regardless of what the device reports.
Repackaging and Building changes
For those that repackage openSeaChest to distrubute to other repositories or build openSeaChest directly, this changes how the json-c dependency is used/included.
-Json-c dependency switched to a wrap file (git type) - Allows using available system version of Json-c to link against if available. Falls back to cloning and directly linking like we previously had.
-Resolves #327 - When using built-in system dependency all "install files" from json-c will not show up when repackaging to RPM or other types.
-Using git cloned json-c - if system json-c is not found, meson will clone it for you at build time. When packaging, in order to NOT include json-c headers, you need to use meson install --skip-subprojects before packaging in order to skip including the json-c headers in a package. This is a meson limitation and the workaround if you need to use this method (chances are you do not)
-msbuild/msvc/makefiles - If you are using msbuild, Visual Studio projects, or make with the json output enabled, you will need to clone json-c into <openSeaChestRoot>/subprojects/json-c before building. It is preferred you use meson to build since it will take care of this for you automatically.