[bug #66855] ntfs regression (hangs due to infinite loop)

Fri, 28 Feb 2025 01:40:00 -0800 

URL:
  <https://savannah.gnu.org/bugs/?66855>

                 Summary: ntfs regression (hangs due to infinite loop)
                   Group: GNU GRUB
               Submitter: aklauer
               Submitted: Fri 28 Feb 2025 09:39:21 AM UTC
                Category: None
                Severity: Major
                Priority: 5 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name:
        Originator Email:
             Open/Closed: Open
         Discussion Lock: Any
                 Release: Git master
                 Release:
         Reproducibility: None
         Planned Release: None


    _______________________________________________________

Follow-up Comments:


-------------------------------------------------------
Date: Fri 28 Feb 2025 09:39:21 AM UTC By: Andreas Klauer <aklauer>
commit 067b6d225d482280abad03944f04e30abcbdafa1 fs/ntfs: Implement attribute
verification

After this commit, Grub hangs as soon as search, ls, etc. try to access NTFS
filesystem (created with mkfs.ntfs and otherwise empty).

  grub> set pager=1
  grub> set debug=ntfs
  grub> ls (hd1,gpt1)/ # any ntfs partition?
  ntfs: spare=3220270157 min_size=30008 attr_size=28773
  ntfs: spare=3220270157 min_size=30008 attr_size=28773
  ntfs: spare=3220270157 min_size=30008 attr_size=28773
  … repeats forever …

I tried to trace this down:

fs/ntfs.c

this while-loop in find_attr()

  while (at->attr_cur < mft_end && *at->attr_cur != 0xFF)
    {
      at->attr_nxt = next_attribute (at->attr_cur, at->end);
      if (*at->attr_cur == GRUB_NTFS_AT_ATTRIBUTE_LIST)
        at->attr_end = at->attr_cur;
      if ((*at->attr_cur == attr) || (attr == 0))
        return at->attr_cur;
      at->attr_cur = at->attr_nxt;
    }

loops indefinitely (at->attr_cur=0) after next_attribute() returns NULL here:

  next += u16at (curr_attribute, 4);
  if (validate_attribute (next, end) == false)
    return NULL;

after validate_attribute() returns false here

  /* Not an error case, just reached the end of the attributes. */
  if (attr_size == 0)
    return false;

and the debug message shown by grub is bogus since it's the result of calling
functions with the wrong parameters in subsequent loops.

Also reported here
https://gitlab.archlinux.org/archlinux/packaging/packages/grub/-/issues/12







    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?66855>

_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/

Attachment: signature.asc
Description: PGP signature

Reply via email to