NTFS_BUG() was broken because it relied on dereferencing a NULL pointer.
This is undefined behavior, and gcc was compiling out the statement.
Crashing in library code is also unfriendly in general.
There were only two users. Make them just use regular error handling.
Signed-off-by: Eric Biggers

If an output buffer was provided, ntfs_utf16_to_utf8() limited the
output string length without the terminating null to 'outs_len'. This
was incorrect because a terminating null was always added to the string,
causing a buffer overrun if the output string happened to have exactly
the maximum

ntfs_file_value_upcase() is not called from anywhere in NTFS-3G, seems
unlikely to be used by third-party programs, and can be replaced with
calling ntfs_name_upcase() directly. So remove it.
Signed-off-by: Eric Biggers
---
include/ntfs-3g/unistr.h | 3 ---

utf16_to_utf8_size() was not guaranteed to fail with ENAMETOOLONG if the
computed length was greater than @outs_len. This could cause a buffer
overrun in ntfs_utf16_to_utf8(). This was a bug introduced by the
patches to allow broken Unicode. Fix it.
Signed-off-by: Eric Biggers

valid_reparse_data() would read past the end of the reparse point buffer
if it was passed a malformed reparse point that had the tag for a
mountpoint or a symlink but had a data buffer smaller than expected.
Fix this by validating the buffer size.
Signed-off-by: Eric Biggers
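
The kind of size validation the last message describes, as an added example: this is not NTFS-3G's valid_reparse_data() and not code from the patch. It assumes the Windows REPARSE_DATA_BUFFER layout (8-byte header, then four 16-bit name offset/length fields, plus 32-bit flags for symlinks); `reparse_buf_ok` and the sample buffers are hypothetical and constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TAG_MOUNT_POINT 0xA0000003u /* IO_REPARSE_TAG_MOUNT_POINT */
#define TAG_SYMLINK     0xA000000Cu /* IO_REPARSE_TAG_SYMLINK */
#define HDR_LEN 8u /* tag (4) + data length (2) + reserved (2) */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Hypothetical validator: returns 1 if buf can be parsed without reading past size. */
int reparse_buf_ok(const uint8_t *buf, size_t size)
{
    uint32_t tag;
    size_t data_len, fixed, path_len;
    if (size < HDR_LEN)
        return 0;
    tag = rd32(buf);
    data_len = rd16(buf + 4);
    if (data_len > size - HDR_LEN) /* declared data must fit in what we hold */
        return 0;
    if (tag == TAG_MOUNT_POINT)
        fixed = 8;  /* four 16-bit name offset/length fields */
    else if (tag == TAG_SYMLINK)
        fixed = 12; /* same four fields plus 32-bit flags */
    else
        return 1;   /* other tags: no tag-specific fields are read here */
    if (data_len < fixed) /* the case from the commit: tag set, data too small */
        return 0;
    path_len = data_len - fixed;
    /* Name offsets are relative to the path buffer that follows the fixed fields. */
    if ((size_t)rd16(buf + 8) + rd16(buf + 10) > path_len)
        return 0;
    return (size_t)rd16(buf + 12) + rd16(buf + 14) <= path_len;
}

/* Constructed sample buffers (not taken from a real volume). */
static const uint8_t mp_short[] = { 0x03,0,0,0xA0, 4,0, 0,0, 0,0,0,0 };
static const uint8_t mp_good[]  = { 0x03,0,0,0xA0, 12,0, 0,0,
                                    0,0, 2,0, 2,0, 2,0, 'a',0, 'b',0 };
static const uint8_t sl_over[]  = { 0x0C,0,0,0xA0, 12,0, 0,0,
                                    0,0, 2,0, 0,0, 0,0, 0,0,0,0 };
int main(void)
{
    printf("%d %d %d\n", reparse_buf_ok(mp_short, sizeof mp_short),
           reparse_buf_ok(mp_good, sizeof mp_good), reparse_buf_ok(sl_over, sizeof sl_over));
    return 0;
}
```

The tag-specific fields are read only after both the header length and the tag's fixed-field length have been checked against the buffer size, so a short mountpoint or symlink buffer is rejected before any out-of-bounds read.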