[sleuthkit-users] crash in fs_inode.c:96 TSK 2.05

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I have an image to generates a crash in the ntfs_dent_idxentry()  
function.

Here is the stack trace:

(gdb) where
#0  fs_inode_free (fs_inode=0x0) at fs_inode.c:96
#1  0x000000000042adf7 in ntfs_dent_idxentry (ntfs=0x566400,  
dinfo=0x7fffffffdda0, idxe=0x1e57040, size=4032, len=31813712, flags=7,
     action=0x402530 <dent_act>, ptr=0x0) at ntfs_dent.c:288
#2  0x000000000042bf5c in ntfs_dent_walk_lcl (fs=0x566400,  
dinfo=0x7fffffffdda0, inum=31817728, flags=7, action=0x402530  
<dent_act>, ptr=0x0)
     at ntfs_dent.c:818
#3  0x000000000042af54 in ntfs_dent_idxentry (ntfs=0x566400,  
dinfo=0x7fffffffdda0, idxe=0x15787e8, size=4032, len=22513656, flags=7,
     action=0x402530 <dent_act>, ptr=0x0) at ntfs_dent.c:327
#4  0x000000000042bf5c in ntfs_dent_walk_lcl (fs=0x566400,  
dinfo=0x7fffffffdda0, inum=22515712, flags=7, action=0x402530  
<dent_act>, ptr=0x0)
     at ntfs_dent.c:818
#5  0x000000000042af54 in ntfs_dent_idxentry (ntfs=0x566400,  
dinfo=0x7fffffffdda0, idxe=0x1573458, size=4032, len=22492264, flags=7,
     action=0x402530 <dent_act>, ptr=0x0) at ntfs_dent.c:327
#6  0x000000000042c142 in ntfs_dent_walk_lcl (fs=0x566400,  
dinfo=0x7fffffffdda0, inum=4203824, flags=7, action=0x402530  
<dent_act>, ptr=0x0)
     at ntfs_dent.c:863
#7  0x000000000042b3ad in ntfs_dent_walk (fs=0x566400, inum=5,  
flags=7, action=0x402530 <dent_act>, ptr=0x0) at ntfs_dent.c:464
#8  0x0000000000402ae2 in do_vol (img=0x564000, start=32256) at  
iwalk.cpp:170
#9  0x0000000000402b7c in mm_act (mm=0x564080, pnum=2, part=0x563180,  
flag=0, ptr=0x44a304 "") at iwalk.cpp:195
#10 0x00000000004342e0 in dos_part_walk (mm=0x564080, start=0,  
last=4, flags=10, action=0x402b30 <mm_act>, ptr=0x44a304 "") at dos.c: 
1013
#11 0x0000000000402c5e in do_dimage (img=0x564000, desc=0x44a406 "my  
boring test comment") at iwalk.cpp:229
#12 0x0000000000402e39 in main (argc=1, argv=0x7fffffffe988) at  
iwalk.cpp:294
(gdb)

And here is the code itself:

/* fs_inode_free - destroy generic inode structure */

void
fs_inode_free(FS_INODE * fs_inode)
{
     FS_NAME *fs_name, *fs_name2;

=>  if (fs_inode->direct_addr)
         free((char *) fs_inode->direct_addr);
     fs_inode->direct_addr = NULL;

     if (fs_inode->indir_addr)
         free((char *) fs_inode->indir_addr);
     fs_inode->indir_addr = NULL;

Any ideas?

This is TSK 2.05