adf_dir / adfGetRDirEnt: prevent OOM error in case of invalid linking.

t-w · t-w · commit 607d6ffc3a99 · 2026-04-14T17:41:44.000+02:00
The recent corrections (4cfa5f3, 1327704) allowing to read volumes containing invalid (looping) linking might not address all the cases (hard to predict what other tricks could have been used...). To prevent any OOM crashes in other cases like this, an additional mechanism is added. It limits the number of levels when traversing directories. The AmigaOS has the limit of 256 characters for the path, but the limit is set somewhat higher, to 512 levels (what, on valid volumes, should never be reached). Anyway, this will prevent any OOM crashes related to such cases.
diff --git a/src/adf_dir.c b/src/adf_dir.c
@@ -39,6 +39,8 @@
 #include <string.h>
 
 
+#define ADF_DIR_MAX_LEVELS 512u
+
 static void adfStrToUpper( uint8_t * const        nstr,
                            const uint8_t * const  ostr,
                            const unsigned         nlen,
@@ -145,13 +147,22 @@ struct AdfList * adfGetDirEnt( const struct AdfVolume * const  vol,
 }
 
 /*
- * adfGetRDirEnt
+ * adfGetRDirEntLimited
  *
  */
-struct AdfList * adfGetRDirEnt( const struct AdfVolume * const  vol,
-                                const ADF_SECTNUM               nSect,
-                                const bool                      recurs )
+static struct AdfList * adfGetRDirEntLimited( const struct AdfVolume * const  vol,
+                                              const ADF_SECTNUM               nSect,
+                                              const bool                      recurs,
+                                              const unsigned                  level )
 {
+    if ( level > ADF_DIR_MAX_LEVELS ) {
+        adfEnv.eFct( "%s: Too many levels (>%u), check the volume's filesystem for "
+                     "errors (possible invalid linking between internal data structures). "
+                     "This also means 'path too long' on AmigaOS (max. 256 characters!).",
+                     __func__, ADF_DIR_MAX_LEVELS );
+        return NULL;
+    }
+
     struct AdfList *cell, *head;
     struct AdfEntry * entry;
     struct AdfEntryBlock parent, entryBlk;
@@ -192,8 +203,8 @@ struct AdfList * adfGetRDirEnt( const struct AdfVolume * const  vol,
             }
 
             if ( recurs && entry->type == ADF_ST_DIR )
-                cell->subdir = adfGetRDirEnt( vol, entry->sector, recurs );
-
+                cell->subdir = adfGetRDirEntLimited( vol, entry->sector, recurs,
+                                                     level + 1 );
             if ( entryBlk.nextSameHash == 0 )
                 break;
 
@@ -258,6 +269,17 @@ struct AdfList * adfGetRDirEnt( const struct AdfVolume * const  vol,
     return head;
 }
 
+/*
+ * adfGetRDirEnt
+ *
+ */
+struct AdfList * adfGetRDirEnt( const struct AdfVolume * const  vol,
+                                const ADF_SECTNUM               nSect,
+                                const bool                      recurs )
+{
+    return adfGetRDirEntLimited( vol, nSect, recurs, 0 );
+}
+
 /*
  * adfFreeDirList
  *
