From baab4c287ebb328264889ea8665a0aaccffda0a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?=
Date: Fri, 17 Apr 2015 10:49:23 +0200
Subject: [PATCH] Added a sanity check to ntfswipe
Unused entries in the MFT may have a bad length leading to fetch fixups from unallocated memory. Check the condition, but do not wipe, leave it to chkdsk to decide what should be fixed.
---
 ntfsprogs/ntfswipe.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/ntfsprogs/ntfswipe.c b/ntfsprogs/ntfswipe.c
index 0d360ee5..274f13f5 100644
--- a/ntfsprogs/ntfswipe.c
+++ b/ntfsprogs/ntfswipe.c
@@ -981,6 +981,12 @@ static s64 wipe_mft(ntfs_volume *vol, int byte, enum action act)
 // We know that the end marker will only take 4 bytes
 size = le32_to_cpu(rec->bytes_in_use) - 4;
+ if ((size <= 0) || (size > vol->mft_record_size)) {
+ ntfs_log_error("Bad mft record %lld\n",
+ (long long)i);
+ total = -1;
+ goto free;
+ }
 if (act == act_info) {
 //ntfs_log_info("mft %d\n", size);
 total += size;
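Review bot: The bound in the added check is applied to `size` after 4 has already been subtracted, so a record whose `bytes_in_use` is as large as `vol->mft_record_size + 4` still passes. A value below 4 is rejected only if the unsigned wrap-around ends up as a non-positive `size`; the declaration of `size` is outside the hunk, so its type should be confirmed. Validating the raw on-disk field before the subtraction is easier to reason about: `u32 in_use = le32_to_cpu(rec->bytes_in_use);` followed by `if ((in_use < 4) || (in_use > vol->mft_record_size)) {`. The log line would also help triage more if it printed the rejected length next to the record number. wipe_mft's body starts and ends outside the hunk, so how `size` is used afterwards is not visible here.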