From 4462f82580a691619e98683efb4141ec00119687 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jpandre@users.sourceforge.net>
Date: Mon, 19 Jul 2021 09:23:23 +0200
Subject: [PATCH] Reset the resident attribute offset when appending from none

When there is no resident attribute value, its offset is unsafe, so better
to recompute it when appending data.
---
 libntfs-3g/attrib.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c
index f7a2ef18..d2d83ac6 100644
--- a/libntfs-3g/attrib.c
+++ b/libntfs-3g/attrib.c
@@ -4828,6 +4828,13 @@ int ntfs_resident_attr_value_resize(MFT_RECORD *m, ATTR_RECORD *a,
 	
 	ntfs_log_trace("Entering for new size %u.\n", (unsigned)new_size);
 
+	if (!a->value_length) {
+			/* Offset is unsafe when no value */
+		int offset = ((offsetof(ATTR_RECORD, resident_end)
+			+ a->name_length*sizeof(ntfschar) - 1) | 7) + 1;
+		a->value_offset = cpu_to_le16(offset);
+	}
+
 	/* Resize the resident part of the attribute record. */
 	if ((ret = ntfs_attr_record_resize(m, a, (le16_to_cpu(a->value_offset) +
 			new_size + 7) & ~7)) < 0)