From 174d2c08409659a6a6f798b5e4bc0c6040f20712 Mon Sep 17 00:00:00 2001
From: Stef Walter <stef@thewalter.net>
Date: Thu, 25 Aug 2005 19:09:37 +0000
Subject: Commit work on 0.8.7 (delayed commit)

---
 AUTHORS      |  1 +
 ChangeLog    |  4 ++++
 configure.in |  4 ++--
 src/ntfs.c   | 16 ++++++++--------
 src/ntfsx.c  | 42 ++++++++++++++++++++++++++++++------------
 src/ntfsx.h  |  1 +
 6 files changed, 46 insertions(+), 22 deletions(-)

diff --git a/AUTHORS b/AUTHORS
index f9d43fb..a425635 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -3,3 +3,4 @@ nielsen@memberwebs.com
 
 PATCHES:
 Marius HillenBrand <marius@sirius.inka.de>
+Albert Kwok <Albert.Kwok@Sun.COM>
diff --git a/ChangeLog b/ChangeLog
index 73f6ee7..6f0fafe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+0.8.7
+ - Fix crasher on corrupted drives. A problem with update
+   sequence offset being filled with garbage [Albert Kwok]
+
 0.8.6
  - Don't exit on error reading source drive [Marius Hillenbrand]
  - Fixed core dump when attribute list, but no MFT loaded [Marius Hillenbrand]
diff --git a/configure.in b/configure.in
index 486e7b1..6b9af12 100644
--- a/configure.in
+++ b/configure.in
@@ -36,8 +36,8 @@ dnl  Nate Nielsen <nielsen@memberwebs.com>
 dnl
 
 dnl Process this file with autoconf to produce a configure script.
-AC_INIT(scrounge-ntfs, 0.8.6, nielsen@memberwebs.com)
-AM_INIT_AUTOMAKE(scrounge-ntfs, 0.8.6)
+AC_INIT(scrounge-ntfs, 0.8.6.90, nielsen@memberwebs.com)
+AM_INIT_AUTOMAKE(scrounge-ntfs, 0.8.6.90)
 
 LDFLAGS="$LDFLAGS -L/usr/local/lib"
 CFLAGS="$CFLAGS -I/usr/local/include"
diff --git a/src/ntfs.c b/src/ntfs.c
index 3e2b657..0d7210d 100644
--- a/src/ntfs.c
+++ b/src/ntfs.c
@@ -101,25 +101,25 @@ bool ntfs_dofixups(byte* cluster, uint32 size)
 {
 	ntfs_recordheader* record = (ntfs_recordheader*)cluster;
 	byte numSectors;
-  uint16* updSeq;
-  uint16* sectorFooter;
-  byte i;
+    uint16* updSeq;
+    uint16* sectorFooter;
+    byte i;
 
 	ASSERT(size % kSectorSize == 0);
-  numSectors = (byte)(size / kSectorSize);
+    numSectors = (byte)(size / kSectorSize);
 
-  /* Check the number of sectors against array */
+    /* Check the number of sectors against array */
 	if(record->cwUpdSeq - 1 < numSectors)
 		numSectors = record->cwUpdSeq - 1;
-
+      
 	updSeq = (uint16*)(cluster + record->offUpdSeq);
 
 	for(i = 0; i < numSectors; i++)
 	{
-    /*
+        /*
 		 * Check last 2 bytes in each sector against
 		 * first double byte value in update sequence 
-     */
+        */
 		sectorFooter = (uint16*)((cluster + (kSectorSize - 2)) + (i * kSectorSize));
 		if(*sectorFooter == updSeq[0])
 			*sectorFooter = updSeq[i + 1];
diff --git a/src/ntfsx.c b/src/ntfsx.c
index 6008e1a..865199d 100644
--- a/src/ntfsx.c
+++ b/src/ntfsx.c
@@ -452,31 +452,49 @@ ntfsx_record* ntfsx_record_alloc(partitioninfo* info)
 
 void ntfsx_record_free(ntfsx_record* record)
 {
-  ntfsx_cluster_release(&(record->_clus));
-  free(record);
+    ntfsx_cluster_release(&(record->_clus));
+    free(record);
 }
 
 bool ntfsx_record_read(ntfsx_record* record, uint64 begSector, int dd)
 {
-  ntfs_recordheader* rechead;
+    ntfs_recordheader* rechead;
 
-  if(!ntfsx_cluster_read(&(record->_clus), record->info, begSector, dd))
-  {
-    warn("couldn't read mft record from drive");
-    return false;
-  }
+    if(!ntfsx_cluster_read(&(record->_clus), record->info, begSector, dd))
+    {
+        warn("couldn't read mft record from drive");
+        return false;
+    }
 
 	/* Check and validate this record */
 	rechead = ntfsx_record_header(record);
 	if(rechead->magic != kNTFS_RecMagic || 
+       !ntfsx_record_validate(record) || 
 	   !ntfs_dofixups(record->_clus.data, record->_clus.size))
 	{
-    warnx("invalid mft record");
-    ntfsx_cluster_release(&(record->_clus));
-    return false;
+        warnx("invalid mft record");
+        ntfsx_cluster_release(&(record->_clus));
+        return false;
 	}
 
-  return true;
+    return true;
+}
+
+bool ntfsx_record_validate(ntfsx_record* record)
+{
+    ntfs_recordheader* rechead;
+    rechead = ntfsx_record_header(record);
+    
+    /* 
+     * TODO: We need more validation here 
+     * In addition we should be validating attribute
+     * headers and anything else we read into memory
+     */
+    
+    if(rechead->offUpdSeq > kSectorSize)
+        return false;
+        
+    return true;    
 }
 
 ntfsx_cluster* ntfsx_record_cluster(ntfsx_record* record)
diff --git a/src/ntfsx.h b/src/ntfsx.h
index 2c1054c..45bcbdc 100644
--- a/src/ntfsx.h
+++ b/src/ntfsx.h
@@ -88,6 +88,7 @@ ntfsx_record* ntfsx_record_alloc(partitioninfo* info);
 ntfsx_cluster* ntfsx_record_cluster(ntfsx_record* record);
 void ntfsx_record_free(ntfsx_record* record);
 bool ntfsx_record_read(ntfsx_record* record, uint64 begSector, int dd);
+bool ntfsx_record_validate(ntfsx_record* record);
 ntfs_recordheader* ntfsx_record_header(ntfsx_record* record);
 ntfsx_attribute* ntfsx_record_findattribute(ntfsx_record* record, uint32 attrType, int dd);
 
-- 
cgit v1.2.3