From b95b4ba1a54e589475bee4c88d33f020b4d0d562 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jpandre@users.sourceforge.net>
Date: Mon, 19 Jul 2021 09:23:23 +0200
Subject: [PATCH] Rejected negative data length in readall()

The negative data length of an attribute is an indication of a probable
corruption and must be rejected.
---
 libntfs-3g/attrib.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c
index 628fa819..f7a2ef18 100644
--- a/libntfs-3g/attrib.c
+++ b/libntfs-3g/attrib.c
@@ -6930,9 +6930,10 @@ void *ntfs_attr_readall(ntfs_inode *ni, const ATTR_TYPES type,
 		 *   index bitmaps may need more, but still limited by
 		 *   the number of clusters.
 		 */
-	if ((na->data_size > 65536)
+	if (((u64)na->data_size > 65536)
 	    && ((type != AT_BITMAP)
-			|| ((na->data_size << 3) > ni->vol->nr_clusters))) {
+		|| ((u64)na->data_size > 
+			(u64)((ni->vol->nr_clusters + 7) >> 3)))) {
 		ntfs_log_error("Corrupt attribute 0x%lx in inode %lld\n",
 				(long)le32_to_cpu(type),(long long)ni->mft_no);
 		errno = EOVERFLOW;