In case you missed it, some guys at Stanford have been busy with some gcc
plugins. They checked the entire kernel source tree for improper use of
pointers, interrupts and large variables declared on the stack.
The results that apply to us are:
> ... appear to allocate stack variables >= 1024 bytes
> 2.4.1/fs/ntfs/super.c:335:ntfs_get_free_cluster_count:
> ERROR:VAR: suspicious sized variable: 'bits' = 2048 bytes
> This checker warns when the pointer returned by a "plausibly" failing
> routine is not checked before being used.
> ---------------------------------------------------------
> [BUG] ntfs_find_attr. the return value of ntfs_find_attr is checked at the
> first callsite, but not at the second callsite.
> 2.4.1/fs/ntfs/dir.c:854:ntfs_getdir_unsorted:
> ERROR:NULL:831:854: Using unknown ptr "attr" illegally!
> set by 'ntfs_find_attr':831
>
> Start --->
> attr=ntfs_find_attr(ino,vol->at_bitmap,I30);
> if(!attr){
> /* directory does not have index allocation */
> *p_high=0xFFFFFFFF;
> *p_low=0;
>
> ... DELETED 15 lines ...
>
> return EIO;
> }
> attr=ntfs_find_attr(ino,vol->at_index_allocation,I30);
> while(1){
> Error --->
> if(*p_high*vol->clustersize > attr->size){
> /* no more index records */
> ---------------------------------------------------------
> [BUG] ntfs_find_attr
> 2.4.1/fs/ntfs/inode.c:130:ntfs_extend_mft:
> ERROR:NULL:129:130: Using unknown ptr "bmp" illegally!
> set by 'ntfs_find_attr':129
>
> Start --->
> bmp=ntfs_find_attr(vol->mft_ino,vol->at_bitmap,0);
> Error --->
> if(bmp->size*8<rcount){ /* less bits than MFT records */
> ntfs_u8 buf[1];
> ---------------------------------------------------------
> [BUG] ntfs_find_attr can return NULL
> 2.4.1/fs/ntfs/inode.c:104:ntfs_extend_mft:
> ERROR:NULL:102:104: Using unknown ptr "mdata" illegally!
> set by 'ntfs_find_attr':102
>
> Start --->
> mdata=ntfs_find_attr(vol->mft_ino,vol->at_data,0);
> /* first check whether there is uninitialized space */
> Error --->
> if(mdata->allocated<mdata->size+vol->mft_recordsize){
> size=ntfs_get_free_cluster_count(vol->bitmap)*vol->clustersize;
> ---------------------------------------------------------
> [BUG] ntfs_find_attr can return NULL
> 2.4.1/fs/ntfs/inode.c:1077:ntfs_new_inode:
> ERROR:NULL:1076:1077: Using unknown ptr "data" illegally!
> set by 'ntfs_find_attr':1076
>
> Start --->
> data=ntfs_find_attr(vol->mft_ino,vol->at_data,0);
> Error --->
> length=data->size/vol->mft_recordsize;
>
> ---------------------------------------------------------
flatcap.
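To make the two checker classes above concrete, here is an added example written for this post; it is not kernel NTFS code and does not use the kernel's NTFS API. It models a toy in-memory inode with an attribute table, where `find_attr` (a stand-in for `ntfs_find_attr`) returns NULL when an attribute is absent, and shows the `ntfs_new_inode` and `ntfs_extend_mft` patterns with a NULL check at every callsite, plus the 2048-byte `bits` buffer from `ntfs_get_free_cluster_count` moved off the stack. All type and function names (`attr_t`, `inode_t`, `find_attr`, `mft_record_count`, `mft_needs_extension`, `count_free_clusters`) and the sample attribute sizes are invented for the example; `malloc` stands in for the kernel allocator.

```c
/* Added example: toy model of the NULL-return and large-stack-buffer
 * findings. Every name here is a hypothetical stand-in, not the
 * kernel's NTFS code. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stddef.h>
#include <errno.h>

enum attr_type { AT_DATA = 0x80, AT_INDEX_ALLOCATION = 0xA0, AT_BITMAP = 0xB0 };

typedef struct {
    int type;
    size_t size;       /* bytes of valid data in the attribute */
    size_t allocated;  /* bytes allocated on disk for it */
} attr_t;

typedef struct {
    attr_t attrs[4];
    int nattrs;
} inode_t;

/* "Plausibly failing" routine: NULL when the inode lacks the attribute. */
static const attr_t *find_attr(const inode_t *ino, int type) {
    for (int i = 0; i < ino->nattrs; i++)
        if (ino->attrs[i].type == type)
            return &ino->attrs[i];
    return NULL;
}

/* ntfs_new_inode pattern, hardened: the original read data->size
 * straight after the lookup; here a missing $DATA attribute is an error. */
int mft_record_count(const inode_t *mft_ino, size_t mft_recordsize, size_t *out) {
    const attr_t *data = find_attr(mft_ino, AT_DATA);
    if (!data)
        return -EIO;
    *out = data->size / mft_recordsize;
    return 0;
}

/* ntfs_extend_mft pattern, hardened: two lookups, both checked before
 * either pointer is dereferenced. */
int mft_needs_extension(const inode_t *mft_ino, size_t mft_recordsize,
                        size_t rcount, int *needs) {
    const attr_t *mdata = find_attr(mft_ino, AT_DATA);
    const attr_t *bmp = find_attr(mft_ino, AT_BITMAP);
    if (!mdata || !bmp)
        return -EIO;
    /* no uninitialized space left, or fewer bitmap bits than MFT records */
    *needs = (mdata->allocated < mdata->size + mft_recordsize) ||
             (bmp->size * 8 < rcount);
    return 0;
}

/* ntfs_get_free_cluster_count pattern: the 2048-byte 'bits' scratch
 * buffer lives on the heap instead of the (small) kernel stack. Counts
 * zero bits in the cluster bitmap; returns -ENOMEM if the buffer
 * cannot be allocated. */
long count_free_clusters(const uint8_t *bitmap, size_t nbytes) {
    const size_t chunk = 2048;
    uint8_t *bits = malloc(chunk);
    if (!bits)
        return -ENOMEM;
    long free_count = 0;
    for (size_t off = 0; off < nbytes; off += chunk) {
        size_t n = nbytes - off < chunk ? nbytes - off : chunk;
        memcpy(bits, bitmap + off, n);  /* stands in for reading a chunk from disk */
        for (size_t i = 0; i < n; i++)
            for (int b = 0; b < 8; b++)
                if (!(bits[i] & (1u << b)))
                    free_count++;
    }
    free(bits);
    return free_count;
}
```

The point of the two hardened callers is the one the checker makes: a routine that can return NULL has to be checked at every callsite, not just the first one, and the check has to happen before the first field access.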