Re: Problems with hfsprogs on G5 Power Macs
On Tue, Jan 08, 2019 at 10:40:55AM +0100, Frank Scheiner wrote:
> On 1/7/19 22:13, John Paul Adrian Glaubitz wrote:
> > On 1/7/19 10:09 PM, Frank Scheiner wrote:
> > > Program received signal SIGSEGV, Segmentation fault.
> > > 0x0000000100034be4 in hfs_swap_HFSBTInternalNode (src=0x7fffffffd3a8, fcb=0x100081898, direction=kSwapBTNodeBigToHost) at hfs_endian.c:883
> > > 883 hfs_endian.c: No such file or directory.
> >
> > I think the debugging process would be more verbose if the
> > debugging was done in-tree of the hfsprogress source code.
>
> Oh, overlooked that part yesterday evening. Did that now:
>
> ```root@powermac-g5:~/hfsprogs/hfsprogs-332.25# gdb --args
> ./fsck_hfs.tproj/fsck_hfs -d /dev/sda2
> GNU gdb (Debian 8.2-1) 8.2
> [...]
> Reading symbols from ./fsck_hfs.tproj/fsck_hfs...done.
> (gdb) run
> Starting program: /root/hfsprogs/hfsprogs-332.25/fsck_hfs.tproj/fsck_hfs -d
> /dev/sda2
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library
> "/lib/powerpc64-linux-gnu/libthread_db.so.1".
> ** /dev/sda2
> Using cacheBlockSize=32K cacheTotalBlock=1024 cacheSize=32768K.
> ** Checking HFS volume.
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x0000000100034be4 in hfs_swap_HFSBTInternalNode (src=0x7fffffffd2f8,
> fcb=0x100081898, direction=kSwapBTNodeBigToHost) at hfs_endian.c:883
> 883 nextRecord = (char *)src->buffer + srcOffs[i-1];
Given i starts as 0 in the loop in hfs_endian.c then i-1 would be 0-1
which is not nice when i is a uint32. Newer versions of the code from
apple (hfs 407.200.4) has changed the definition of i to int32 which
at least means 0-1 is -1 rather than a very very large number that is
likely to be out of bounds of memory.
--
Len Sorensen
Reply to: