Commit 1a0df15a authored by Anton Altaparmakov's avatar Anton Altaparmakov

NTFS: Fix a bug in fs/ntfs/runlist.c::ntfs_mapping_pairs_decompress() in

      the creation of the unmapped runlist element for the base attribute
      extent.
Signed-off-by: default avatarAnton Altaparmakov <aia21@cantab.net>
parent c002f425
...@@ -60,6 +60,9 @@ ToDo/Notes: ...@@ -60,6 +60,9 @@ ToDo/Notes:
enable bit which is set appropriately and a per inode sparse disable enable bit which is set appropriately and a per inode sparse disable
bit which is preset on some system file inodes as appropriate. bit which is preset on some system file inodes as appropriate.
- Enforce that sparse support is disabled on NTFS volumes pre 3.0. - Enforce that sparse support is disabled on NTFS volumes pre 3.0.
- Fix a bug in fs/ntfs/runlist.c::ntfs_mapping_pairs_decompress() in
the creation of the unmapped runlist element for the base attribute
extent.
2.1.22 - Many bug and race fixes and error handling improvements. 2.1.22 - Many bug and race fixes and error handling improvements.
......
/** /**
* runlist.c - NTFS runlist handling code. Part of the Linux-NTFS project. * runlist.c - NTFS runlist handling code. Part of the Linux-NTFS project.
* *
* Copyright (c) 2001-2004 Anton Altaparmakov * Copyright (c) 2001-2005 Anton Altaparmakov
* Copyright (c) 2002 Richard Russon * Copyright (c) 2002 Richard Russon
* *
* This program/include file is free software; you can redistribute it and/or * This program/include file is free software; you can redistribute it and/or
...@@ -59,7 +59,7 @@ static inline void ntfs_rl_mc(runlist_element *dstbase, int dst, ...@@ -59,7 +59,7 @@ static inline void ntfs_rl_mc(runlist_element *dstbase, int dst,
* *
* As the runlists grow, more memory will be required. To prevent the * As the runlists grow, more memory will be required. To prevent the
* kernel having to allocate and reallocate large numbers of small bits of * kernel having to allocate and reallocate large numbers of small bits of
* memory, this function returns and entire page of memory. * memory, this function returns an entire page of memory.
* *
* It is up to the caller to serialize access to the runlist @rl. * It is up to the caller to serialize access to the runlist @rl.
* *
...@@ -855,30 +855,42 @@ runlist_element *ntfs_mapping_pairs_decompress(const ntfs_volume *vol, ...@@ -855,30 +855,42 @@ runlist_element *ntfs_mapping_pairs_decompress(const ntfs_volume *vol,
if (!attr->data.non_resident.lowest_vcn) { if (!attr->data.non_resident.lowest_vcn) {
VCN max_cluster; VCN max_cluster;
max_cluster = (sle64_to_cpu( max_cluster = ((sle64_to_cpu(
attr->data.non_resident.allocated_size) + attr->data.non_resident.allocated_size) +
vol->cluster_size - 1) >> vol->cluster_size - 1) >>
vol->cluster_size_bits; vol->cluster_size_bits) - 1;
/* /*
* If there is a difference between the highest_vcn and the * A highest_vcn of zero means this is a single extent
* highest cluster, the runlist is either corrupt or, more * attribute so simply terminate the runlist with LCN_ENOENT).
* likely, there are more extents following this one.
*/ */
if (deltaxcn < --max_cluster) { if (deltaxcn) {
ntfs_debug("More extents to follow; deltaxcn = 0x%llx, " /*
"max_cluster = 0x%llx", * If there is a difference between the highest_vcn and
(unsigned long long)deltaxcn, * the highest cluster, the runlist is either corrupt
(unsigned long long)max_cluster); * or, more likely, there are more extents following
rl[rlpos].vcn = vcn; * this one.
vcn += rl[rlpos].length = max_cluster - deltaxcn; */
rl[rlpos].lcn = LCN_RL_NOT_MAPPED; if (deltaxcn < max_cluster) {
rlpos++; ntfs_debug("More extents to follow; deltaxcn "
} else if (unlikely(deltaxcn > max_cluster)) { "= 0x%llx, max_cluster = "
ntfs_error(vol->sb, "Corrupt attribute. deltaxcn = " "0x%llx",
"0x%llx, max_cluster = 0x%llx", (unsigned long long)deltaxcn,
(unsigned long long)deltaxcn, (unsigned long long)
(unsigned long long)max_cluster); max_cluster);
goto mpa_err; rl[rlpos].vcn = vcn;
vcn += rl[rlpos].length = max_cluster -
deltaxcn;
rl[rlpos].lcn = LCN_RL_NOT_MAPPED;
rlpos++;
} else if (unlikely(deltaxcn > max_cluster)) {
ntfs_error(vol->sb, "Corrupt attribute. "
"deltaxcn = 0x%llx, "
"max_cluster = 0x%llx",
(unsigned long long)deltaxcn,
(unsigned long long)
max_cluster);
goto mpa_err;
}
} }
rl[rlpos].lcn = LCN_ENOENT; rl[rlpos].lcn = LCN_ENOENT;
} else /* Not the base extent. There may be more extents to follow. */ } else /* Not the base extent. There may be more extents to follow. */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment