From 5741f54529382b5a14d6ca356c05693ae5f9556e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= Date: Fri, 17 Apr 2015 11:31:47 +0200 Subject: [PATCH] Zeroed uninitialized bytes before writing compressed data Compressed records may be written as full clusters even though cluster tails are meaningless. This is to avoid the lower levels doing a read- modify-write cycle. Be sure to zero the meaningless bytes to avoid leaking information. Contributed by Eric Biggers --- libntfs-3g/compress.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libntfs-3g/compress.c b/libntfs-3g/compress.c index f1070aa2..a8d37e8b 100644 --- a/libntfs-3g/compress.c +++ b/libntfs-3g/compress.c @@ -1131,6 +1131,7 @@ static s32 ntfs_comp_set(ntfs_attr *na, runlist_element *rl, outbuf[compsz++] = 0; /* write a full cluster, to avoid partial reading */ rounded = ((compsz - 1) | (clsz - 1)) + 1; + memset(&outbuf[compsz], 0, rounded - compsz); written = write_clusters(vol, rl, offs, rounded, outbuf); if (written != rounded) { /*