possible bug in sbin/fsck_msdosfs/boot.c
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Thu Jul 23 15:22:28 UTC 2009
Alexander, good day.
Thu, Jul 23, 2009 at 12:29:23PM +0200, Alexander Best wrote:
> i just tried to do fsck_msdosfs on my mobile phone's memory card using a usb
> connection cable. this is what `file -s` has to say about /dev/da0:
>
> /dev/da0: x86 boot sector, code offset 0x0, OEM-ID " ", sectors/cluster
> 64, reserved sectors 6304, Media descriptor 0xf8, heads 128, hidden sectors
> 8192, sectors 7736320 (volumes > 32 MB) , FAT (32 bit), sectors/FAT 944,
> reserved3 0x800000, serial number 0x34613466, label: "mem "
>
> however after issuing the command `fsck_msdosfs /dev/da0` i got the following
> error:
>
> fsck_msdosfs /dev/da0
> ** /dev/da0
> backup doesn't compare to primary bootblock
>
> i did a bit of research and it seems this bug was supposed to be fixed by
> r128463. the problem was that the entire bootblock was compared to the
> backupblock. but since only the first 52 bytes of the bootblock are important
> many device use the rest of the bootblock for some other purpose. the
> following change was made to sbin/fsck_msdosfs/boot.c:
>
> -- if (memcmp(block, backup, DOSBOOTBLOCKSIZE)) {
> ++ if (memcmp(block + 11, backup + 11, 79)) {
>
> it seems however that the last memcmp argument is still too high. could
> somebody with good fat12/16/32 knowledge please look into this?
79 looks sane for the FAT32, see
http://www.win.tue.nl/~aeb/linux/fs/fat/fat-1.html
For FAT16/FAT12 the size should be 51. Actually, what is now compared
is the BIOS parameter block. I'll take a look at the FS forensics book:
my memory blocks with FAT remniscents are a bit rusty ;))
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
More information about the freebsd-current
mailing list