diff options
author | le <le@FreeBSD.org> | 2006-11-20 19:28:36 +0000 |
---|---|---|
committer | le <le@FreeBSD.org> | 2006-11-20 19:28:36 +0000 |
commit | d8d1f1dab4c8fe470b9b21cca29e76af01cf883b (patch) | |
tree | 1bac723b78fcd2d2f6977b9fcbe657bce9466a04 /sys/fs/ntfs | |
parent | 1eab20d6eacc49ec68067a17fb26b0ea720a9aa1 (diff) | |
download | FreeBSD-src-d8d1f1dab4c8fe470b9b21cca29e76af01cf883b.zip FreeBSD-src-d8d1f1dab4c8fe470b9b21cca29e76af01cf883b.tar.gz |
Fix an integer overflow and allow access to files larger than 4GB on
NTFS.
Diffstat (limited to 'sys/fs/ntfs')
-rw-r--r-- | sys/fs/ntfs/ntfs_subr.c | 22 | ||||
-rw-r--r-- | sys/fs/ntfs/ntfs_subr.h | 4 | ||||
-rw-r--r-- | sys/fs/ntfs/ntfs_vnops.c | 12 |
3 files changed, 19 insertions, 19 deletions
diff --git a/sys/fs/ntfs/ntfs_subr.c b/sys/fs/ntfs/ntfs_subr.c index cbe776b..972cfb0 100644 --- a/sys/fs/ntfs/ntfs_subr.c +++ b/sys/fs/ntfs/ntfs_subr.c @@ -889,7 +889,7 @@ ntfs_ntlookupfile( cn_t cn; /* VCN in current attribute */ caddr_t rdbuf; /* Buffer to read directory's blocks */ u_int32_t blsize; - u_int32_t rdsize; /* Length of data to read from current block */ + u_int64_t rdsize; /* Length of data to read from current block */ struct attr_indexentry *iep; int error, res, anamelen, fnamelen; const char *fname,*aname; @@ -927,7 +927,7 @@ ntfs_ntlookupfile( break; } - dprintf(("ntfs_ntlookupfile: blksz: %d, rdsz: %d\n", blsize, rdsize)); + dprintf(("ntfs_ntlookupfile: blksz: %d, rdsz: %jd\n", blsize, rdsize)); MALLOC(rdbuf, caddr_t, blsize, M_TEMP, M_WAITOK); @@ -1175,7 +1175,7 @@ ntfs_ntreaddir( goto fail; } cpbl = ntfs_btocn(blsize + ntfs_cntob(1) - 1); - dprintf(("ntfs_ntreaddir: indexalloc: %d, cpbl: %d\n", + dprintf(("ntfs_ntreaddir: indexalloc: %jd, cpbl: %d\n", iavap->va_datalen, cpbl)); } else { dprintf(("ntfs_ntreadidir: w/o BitMap and IndexAllocation\n")); @@ -1388,7 +1388,7 @@ ntfs_writeattr_plain( ntfs_btocn(off), &vap); if (error) return (error); - towrite = min(left, ntfs_cntob(vap->va_vcnend + 1) - off); + towrite = MIN(left, ntfs_cntob(vap->va_vcnend + 1) - off); ddprintf(("ntfs_writeattr_plain: o: %d, s: %d (%d - %d)\n", (u_int32_t) off, (u_int32_t) towrite, (u_int32_t) vap->va_vcnstart, @@ -1433,7 +1433,7 @@ ntfs_writentvattr_plain( struct uio *uio) { int error = 0; - int off; + off_t off; int cnt; cn_t ccn, ccl, cn, left, cl; caddr_t data = rdata; @@ -1483,7 +1483,7 @@ ntfs_writentvattr_plain( * blocks at the same disk offsets to avoid * confusing the buffer cache. */ - tocopy = min(left, ntfs_cntob(1) - off); + tocopy = MIN(left, ntfs_cntob(1) - off); cl = ntfs_btocl(tocopy + off); KASSERT(cl == 1 && tocopy <= ntfs_cntob(1), ("single cluster limit mistake")); @@ -1544,7 +1544,7 @@ ntfs_readntvattr_plain( struct uio *uio) { int error = 0; - int off; + off_t off; *initp = 0; if (vap->va_flag & NTFS_AF_INRUN) { @@ -1589,7 +1589,7 @@ ntfs_readntvattr_plain( * same disk offsets to avoid * confusing the buffer cache. */ - tocopy = min(left, + tocopy = MIN(left, ntfs_cntob(1) - off); cl = ntfs_btocl(tocopy + off); KASSERT(cl == 1 && @@ -1628,7 +1628,7 @@ ntfs_readntvattr_plain( ccl -= cl; } } else { - tocopy = min(left, ntfs_cntob(ccl) - off); + tocopy = MIN(left, ntfs_cntob(ccl) - off); ddprintf(("ntfs_readntvattr_plain: " "hole: ccn: 0x%x ccl: %d, off: %d, " \ " len: %d, left: %d\n", @@ -1690,7 +1690,7 @@ ntfs_readattr_plain( ntfs_btocn(off), &vap); if (error) return (error); - toread = min(left, ntfs_cntob(vap->va_vcnend + 1) - off); + toread = MIN(left, ntfs_cntob(vap->va_vcnend + 1) - off); ddprintf(("ntfs_readattr_plain: o: %d, s: %d (%d - %d)\n", (u_int32_t) off, (u_int32_t) toread, (u_int32_t) vap->va_vcnstart, @@ -1775,7 +1775,7 @@ ntfs_readattr( if (error) break; - tocopy = min(left, ntfs_cntob(NTFS_COMPUNIT_CL) - off); + tocopy = MIN(left, ntfs_cntob(NTFS_COMPUNIT_CL) - off); if (init == ntfs_cntob(NTFS_COMPUNIT_CL)) { if (uio) diff --git a/sys/fs/ntfs/ntfs_subr.h b/sys/fs/ntfs/ntfs_subr.h index c0ecc75..65b0025 100644 --- a/sys/fs/ntfs/ntfs_subr.h +++ b/sys/fs/ntfs/ntfs_subr.h @@ -45,8 +45,8 @@ struct ntvattr { u_int32_t va_compression; u_int32_t va_compressalg; - u_int32_t va_datalen; - u_int32_t va_allocated; + u_int64_t va_datalen; + u_int64_t va_allocated; cn_t va_vcnstart; cn_t va_vcnend; u_int16_t va_index; diff --git a/sys/fs/ntfs/ntfs_vnops.c b/sys/fs/ntfs/ntfs_vnops.c index 48da556..0b90b60 100644 --- a/sys/fs/ntfs/ntfs_vnops.c +++ b/sys/fs/ntfs/ntfs_vnops.c @@ -138,7 +138,7 @@ ntfs_read(ap) if (uio->uio_offset > fp->f_size) return (0); - resid = min(uio->uio_resid, fp->f_size - uio->uio_offset); + resid = MIN(uio->uio_resid, fp->f_size - uio->uio_offset); dprintf((", resid: %d\n", resid)); @@ -147,7 +147,7 @@ ntfs_read(ap) cn = ntfs_btocn(uio->uio_offset); off = ntfs_btocnoff(uio->uio_offset); - toread = min(off + resid, ntfs_cntob(1)); + toread = MIN(off + resid, ntfs_cntob(1)); error = bread(vp, cn, ntfs_cntob(1), NOCRED, &bp); if (error) { @@ -285,7 +285,7 @@ ntfs_strategy(ap) (u_int32_t)bp->b_offset,(u_int32_t)bp->b_blkno, (u_int32_t)bp->b_lblkno)); - dprintf(("strategy: bcount: %d flags: 0x%lx\n", + dprintf(("strategy: bcount: %d flags: 0x%x\n", (u_int32_t)bp->b_bcount,bp->b_flags)); if (bp->b_iocmd == BIO_READ) { @@ -295,7 +295,7 @@ ntfs_strategy(ap) clrbuf(bp); error = 0; } else { - toread = min(bp->b_bcount, + toread = MIN(bp->b_bcount, fp->f_size-ntfs_cntob(bp->b_blkno)); dprintf(("ntfs_strategy: toread: %d, fsize: %d\n", toread,(u_int32_t)fp->f_size)); @@ -321,7 +321,7 @@ ntfs_strategy(ap) bp->b_error = error = EFBIG; bp->b_ioflags |= BIO_ERROR; } else { - towrite = min(bp->b_bcount, + towrite = MIN(bp->b_bcount, fp->f_size-ntfs_cntob(bp->b_blkno)); dprintf(("ntfs_strategy: towrite: %d, fsize: %d\n", towrite,(u_int32_t)fp->f_size)); @@ -367,7 +367,7 @@ ntfs_write(ap) return (EFBIG); } - towrite = min(uio->uio_resid, fp->f_size - uio->uio_offset); + towrite = MIN(uio->uio_resid, fp->f_size - uio->uio_offset); dprintf((", towrite: %d\n",(u_int32_t)towrite)); |