namjaejeon / ntfsprogs-plus

NTFS filesystem userspace utilities
GNU General Public License v2.0

In case entries_offset of index root has a large or corrupted value, illegal memory access occurs. #62

Open jaysim opened 1 year ago

jaysim commented 1 year ago

<src/ntfsck.c>, lines 2668-2672:

```c
	/* The first index entry. */
	next = (INDEX_ENTRY *)((u8 *)&ir->index +
			le32_to_cpu(ir->index.entries_offset));

	if (next->ie_flags & INDEX_ENTRY_NODE) {	/* <=== at here */
```

If ir->index.entries_offset has a very large value, an illegal memory access occurs.
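The bounds check that the reported dereference lacks, as an added example that is not part of the issue or of the project's code: `entries_offset` and `index_length` are validated against the size of the INDEX_ROOT value before the first entry is touched. The function names, the byte-wise reader and the two size constants are assumptions standing in for the project's `INDEX_HEADER` and `INDEX_ENTRY` definitions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified sizes standing in for the on-disk structures (assumption). */
#define IDX_HDR_SIZE  16u /* entries_offset, index_length, allocated_size, flags */
#define IDX_ENTRY_MIN 16u /* fixed part of an entry, which contains ie_flags */

static uint32_t rd_le32(const uint8_t *p)
{
	return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
	       (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* hdr: index header inside the INDEX_ROOT value; avail: bytes from hdr to the
 * end of that value. Returns the first entry, or NULL if it is out of bounds. */
static const uint8_t *first_entry_checked(const uint8_t *hdr, size_t avail)
{
	uint32_t off, len;

	if (avail < IDX_HDR_SIZE)
		return NULL;
	off = rd_le32(hdr);     /* entries_offset */
	len = rd_le32(hdr + 4); /* index_length */
	if (len > avail)        /* index claims more than the value holds */
		return NULL;
	if (off < IDX_HDR_SIZE) /* entries cannot overlap the header */
		return NULL;
	if (off > len || len - off < IDX_ENTRY_MIN) /* no room for one entry */
		return NULL;
	return hdr + off;
}

/* Constructed 32-byte sample value: header followed by one empty entry. */
static int sample_accepts(uint32_t entries_offset)
{
	uint8_t v[32] = { 0 };
	for (int i = 0; i < 4; i++)
		v[i] = (uint8_t)(entries_offset >> (8 * i));
	v[4] = 32; /* index_length */
	v[8] = 32; /* allocated_size */
	return first_entry_checked(v, sizeof(v)) != NULL;
}

int main(void)
{
	printf("%d %d\n", sample_accepts(0x10), sample_accepts(0x7fffff00));
	return 0;
}
```

The comparison is written as `len - off < IDX_ENTRY_MIN` after `off > len` has been excluded, so no addition on the untrusted offset can wrap around.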