able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/base/fs/ntfs/checksup.c
CryptoAlgo Inc b3cac27891 Add source files
2020-09-26 16:20:57 +08:00

912 lines
25 KiB
C
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*++
Copyright (c) 1991 Microsoft Corporation
Module Name:
CheckSup.c
Abstract:
This module implements check routines for Ntfs structures.
Author:
Tom Miller [TomM] 14-4-92
Revision History:
--*/
#include "NtfsProc.h"
//
// Array for log records which require a target attribute.
// A TRUE indicates that the corresponding restart operation
// requires a target attribute.
//
BOOLEAN TargetAttributeRequired[] = {FALSE, FALSE, TRUE, TRUE,
TRUE, TRUE, TRUE, TRUE,
TRUE, TRUE, FALSE, TRUE,
TRUE, TRUE, TRUE, TRUE,
TRUE, TRUE, TRUE, TRUE,
TRUE, TRUE, TRUE, TRUE,
FALSE, FALSE, FALSE, FALSE,
TRUE, FALSE, FALSE, FALSE,
FALSE, TRUE, TRUE };
//
// Local procedure prototypes
//
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE, NtfsCheckAttributeRecord)
#pragma alloc_text(PAGE, NtfsCheckFileRecord)
#pragma alloc_text(PAGE, NtfsCheckIndexBuffer)
#pragma alloc_text(PAGE, NtfsCheckIndexHeader)
#pragma alloc_text(PAGE, NtfsCheckIndexRoot)
#pragma alloc_text(PAGE, NtfsCheckLogRecord)
#pragma alloc_text(PAGE, NtfsCheckRestartTable)
#endif
BOOLEAN
NtfsCheckFileRecord (
IN PVCB Vcb,
IN PFILE_RECORD_SEGMENT_HEADER FileRecord,
IN PFILE_REFERENCE FileReference OPTIONAL,
OUT PULONG CorruptionHint
)
/*++
Routine Description:
Consistency check for file records.
Arguments:
Vcb - the vcb it belongs to
FileRecord - the filerecord to check
FileReference - if specified double check the sequence number and self ref.
fileref against it
CorruptionHint - hint for debugging on where corruption occured;
Return Value:
FALSE - if the file record is not valid
TRUE - if it is
--*/
{
PATTRIBUTE_RECORD_HEADER Attribute;
PFILE_RECORD_SEGMENT_HEADER EndOfFileRecord;
ULONG BytesPerFileRecordSegment = Vcb->BytesPerFileRecordSegment;
BOOLEAN StandardInformationSeen = FALSE;
ULONG BytesInOldHeader;
PAGED_CODE();
*CorruptionHint = 0;
EndOfFileRecord = Add2Ptr( FileRecord, BytesPerFileRecordSegment );
//
// Check the file record header for consistency.
//
if ((*(PULONG)FileRecord->MultiSectorHeader.Signature != *(PULONG)FileSignature)
||
((ULONG)FileRecord->MultiSectorHeader.UpdateSequenceArrayOffset >
(SEQUENCE_NUMBER_STRIDE -
(PAGE_SIZE / SEQUENCE_NUMBER_STRIDE + 1) * sizeof(USHORT)))
||
((ULONG)((FileRecord->MultiSectorHeader.UpdateSequenceArraySize - 1) * SEQUENCE_NUMBER_STRIDE) !=
BytesPerFileRecordSegment)
||
!FlagOn(FileRecord->Flags, FILE_RECORD_SEGMENT_IN_USE)) {
DebugTrace( 0, 0, ("Invalid file record: %08lx\n", FileRecord) );
*CorruptionHint = 1;
ASSERTMSG( "Invalid resident file record\n", FALSE );
return FALSE;
}
BytesInOldHeader = QuadAlign( sizeof( FILE_RECORD_SEGMENT_HEADER_V0 ) + (UpdateSequenceArraySize( BytesPerFileRecordSegment ) - 1) * sizeof( USHORT ));
//
// Offset bounds checks
//
if ((FileRecord->FirstFreeByte > BytesPerFileRecordSegment) ||
(FileRecord->FirstFreeByte < BytesInOldHeader) ||
(FileRecord->BytesAvailable != BytesPerFileRecordSegment) ||
(((ULONG)FileRecord->FirstAttributeOffset < BytesInOldHeader) ||
((ULONG)FileRecord->FirstAttributeOffset >
BytesPerFileRecordSegment - SIZEOF_RESIDENT_ATTRIBUTE_HEADER)) ||
(!IsQuadAligned( FileRecord->FirstAttributeOffset ))) {
*CorruptionHint = 2;
ASSERTMSG( "Out of bound offset in frs\n", FALSE );
return FALSE;
}
//
// Optional fileref number check
//
if (ARGUMENT_PRESENT( FileReference )) {
if ((FileReference->SequenceNumber != FileRecord->SequenceNumber) ||
((FileRecord->FirstAttributeOffset > BytesInOldHeader) &&
((FileRecord->SegmentNumberHighPart != FileReference->SegmentNumberHighPart) ||
(FileRecord->SegmentNumberLowPart != FileReference->SegmentNumberLowPart)))) {
*CorruptionHint = 3;
ASSERTMSG( "Filerecord fileref doesn't match expected value\n", FALSE );
return FALSE;
}
}
//
// Loop to check all of the attributes.
//
for (Attribute = NtfsFirstAttribute(FileRecord);
Attribute->TypeCode != $END;
Attribute = NtfsGetNextRecord(Attribute)) {
// if (!StandardInformationSeen &&
// (Attribute->TypeCode != $STANDARD_INFORMATION) &&
// XxEqlZero(FileRecord->BaseFileRecordSegment)) {
//
// DebugTrace( 0, 0, ("Standard Information missing: %08lx\n", Attribute) );
//
// ASSERTMSG( "Standard Information missing\n", FALSE );
// return FALSE;
// }
StandardInformationSeen = TRUE;
if (!NtfsCheckAttributeRecord( Vcb,
FileRecord,
Attribute,
FALSE,
CorruptionHint )) {
return FALSE;
}
}
return TRUE;
}
BOOLEAN
NtfsCheckAttributeRecord (
IN PVCB Vcb,
IN PFILE_RECORD_SEGMENT_HEADER FileRecord,
IN PATTRIBUTE_RECORD_HEADER Attribute,
IN ULONG CheckHeaderOnly,
IN PULONG CorruptionHint
)
{
PVOID NextAttribute;
PVOID EndOfFileRecord;
PVOID FirstFreeByte;
PVOID Data;
ULONG Length;
ULONG BytesPerFileRecordSegment = Vcb->BytesPerFileRecordSegment;
PAGED_CODE();
EndOfFileRecord = Add2Ptr( FileRecord, BytesPerFileRecordSegment );
FirstFreeByte = Add2Ptr( FileRecord, FileRecord->FirstFreeByte );
//
// Do an alignment check before creating a ptr based on this value
//
if (!IsQuadAligned( Attribute->RecordLength )) {
*CorruptionHint = Attribute->TypeCode + 0xc;
ASSERTMSG( "Misaligned attribute length\n", FALSE );
return FALSE;
}
NextAttribute = NtfsGetNextRecord(Attribute);
//
// Check the fixed part of the attribute record header.
//
if ((Attribute->RecordLength >= BytesPerFileRecordSegment)
||
(NextAttribute >= EndOfFileRecord)
||
(FlagOn(Attribute->NameOffset, 1) != 0)
||
((Attribute->NameLength != 0) &&
(((ULONG)Attribute->NameOffset + (ULONG)Attribute->NameLength) >
Attribute->RecordLength))) {
DebugTrace( 0, 0, ("Invalid attribute record header: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 1;
ASSERTMSG( "Invalid attribute record header\n", FALSE );
return FALSE;
}
if (NextAttribute > FirstFreeByte) {
*CorruptionHint = Attribute->TypeCode + 2;
ASSERTMSG( "Attributes beyond first free byte\n", FALSE );
return FALSE;
}
//
// Check the resident attribute fields.
//
if (Attribute->FormCode == RESIDENT_FORM) {
if ((Attribute->Form.Resident.ValueLength >= Attribute->RecordLength) ||
(((ULONG)Attribute->Form.Resident.ValueOffset +
Attribute->Form.Resident.ValueLength) > Attribute->RecordLength) ||
(!IsQuadAligned( Attribute->Form.Resident.ValueOffset ))) {
DebugTrace( 0, 0, ("Invalid resident attribute record header: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 3;
ASSERTMSG( "Invalid resident attribute record header\n", FALSE );
return FALSE;
}
//
// Check the nonresident attribute fields
//
} else if (Attribute->FormCode == NONRESIDENT_FORM) {
VCN CurrentVcn, NextVcn;
LCN CurrentLcn;
LONGLONG Change;
PCHAR ch;
ULONG VcnBytes;
ULONG LcnBytes;
if ((Attribute->Form.Nonresident.LowestVcn >
(Attribute->Form.Nonresident.HighestVcn + 1))
||
((ULONG)Attribute->Form.Nonresident.MappingPairsOffset >=
Attribute->RecordLength)
||
(Attribute->Form.Nonresident.ValidDataLength < 0) ||
(Attribute->Form.Nonresident.FileSize < 0) ||
(Attribute->Form.Nonresident.AllocatedLength < 0)
||
(Attribute->Form.Nonresident.ValidDataLength >
Attribute->Form.Nonresident.FileSize)
||
(Attribute->Form.Nonresident.FileSize >
Attribute->Form.Nonresident.AllocatedLength)) {
DebugTrace( 0, 0, ("Invalid nonresident attribute record header: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 4;
ASSERTMSG( "Invalid nonresident attribute record header\n", FALSE );
return FALSE;
}
if (CheckHeaderOnly) { return TRUE; }
//
// Implement the decompression algorithm, as defined in ntfs.h.
// (This code should look remarkably similar to what goes on in
// NtfsLookupAllocation!)
//
NextVcn = Attribute->Form.Nonresident.LowestVcn;
CurrentLcn = 0;
ch = (PCHAR)Attribute + Attribute->Form.Nonresident.MappingPairsOffset;
//
// Loop to process mapping pairs, insuring we do not run off the end
// of the attribute, and that we do not map to nonexistant Lcns.
//
while (!IsCharZero(*ch)) {
//
// Set Current Vcn from initial value or last pass through loop.
//
CurrentVcn = NextVcn;
//
// Extract the counts from the two nibbles of this byte.
//
VcnBytes = *ch & 0xF;
LcnBytes = *ch++ >> 4;
//
// Neither of these should be larger than a VCN.
//
if ((VcnBytes > sizeof( VCN )) ||
(LcnBytes > sizeof( VCN ))) {
DebugTrace( 0, 0, ("Invalid maping pair byte count: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 5;
ASSERTMSG( "Invalid maping pair byte count\n", FALSE );
return FALSE;
}
//
// Extract the Vcn change (use of RtlCopyMemory works for little-Endian)
// and update NextVcn.
//
Change = 0;
//
// Make sure we are not going beyond the end of the attribute
// record, and that the Vcn change is not negative or zero.
//
if (((ULONG_PTR)(ch + VcnBytes + LcnBytes + 1) > (ULONG_PTR)NextAttribute)
||
IsCharLtrZero(*(ch + VcnBytes - 1))) {
DebugTrace( 0, 0, ("Invalid maping pairs array: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 6;
ASSERTMSG( "Invalid maping pairs array\n", FALSE );
return FALSE;
}
RtlCopyMemory( &Change, ch, VcnBytes );
ch += VcnBytes;
NextVcn = NextVcn + Change;
//
// Extract the Lcn change and update CurrentLcn.
//
Change = 0;
if (IsCharLtrZero(*(ch + LcnBytes - 1))) {
Change = Change - 1;
}
RtlCopyMemory( &Change, ch, LcnBytes );
ch += LcnBytes;
CurrentLcn = CurrentLcn + Change;
if ((LcnBytes != 0) &&
((CurrentLcn + (NextVcn - CurrentVcn) - 1) > Vcb->TotalClusters)) {
DebugTrace( 0, 0, ("Invalid Lcn: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 7;
ASSERTMSG( "Invalid Lcn\n", FALSE );
return FALSE;
}
}
//
// Finally, check HighestVcn.
//
if (NextVcn != (Attribute->Form.Nonresident.HighestVcn + 1)) {
DebugTrace( 0, 0, ("Disagreement with mapping pairs: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 8;
ASSERTMSG( "Disagreement with mapping pairs\n", FALSE );
return FALSE;
}
} else {
DebugTrace( 0, 0, ("Invalid attribute form code: %08lx\n", Attribute) );
ASSERTMSG( "Invalid attribute form code\n", FALSE );
return FALSE;
}
//
// Now check the attributes by type code, if they are resident. Not all
// attributes require specific checks (such as $STANDARD_INFORMATION and $DATA).
//
if (CheckHeaderOnly || !NtfsIsAttributeResident( Attribute )) {
return TRUE;
}
Data = NtfsAttributeValue(Attribute);
Length = Attribute->Form.Resident.ValueLength;
switch (Attribute->TypeCode) {
case $FILE_NAME:
{
if ((ULONG)((PFILE_NAME)Data)->FileNameLength * sizeof( WCHAR ) >
(Length - (ULONG)sizeof(FILE_NAME) + sizeof( WCHAR ))) {
DebugTrace( 0, 0, ("Invalid File Name attribute: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 9;
ASSERTMSG( "Invalid File Name attribute\n", FALSE );
return FALSE;
}
break;
}
case $INDEX_ROOT:
{
return NtfsCheckIndexRoot( Vcb, (PINDEX_ROOT)Data, Length );
}
case $STANDARD_INFORMATION:
{
if (Length < sizeof( STANDARD_INFORMATION ) &&
Length != SIZEOF_OLD_STANDARD_INFORMATION)
{
DebugTrace( 0, 0, ("Invalid Standard Information attribute: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 0xa;
ASSERTMSG( "Invalid Standard Information attribute size\n", FALSE );
return FALSE;
}
break;
}
case $ATTRIBUTE_LIST:
case $OBJECT_ID:
case $SECURITY_DESCRIPTOR:
case $VOLUME_NAME:
case $VOLUME_INFORMATION:
case $DATA:
case $INDEX_ALLOCATION:
case $BITMAP:
case $REPARSE_POINT:
case $EA_INFORMATION:
case $EA:
case $LOGGED_UTILITY_STREAM:
break;
default:
{
DebugTrace( 0, 0, ("Bad Attribute type code: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 0xb;
ASSERTMSG( "Bad Attribute type code\n", FALSE );
return FALSE;
}
}
return TRUE;
}
BOOLEAN
NtfsCheckIndexRoot (
IN PVCB Vcb,
IN PINDEX_ROOT IndexRoot,
IN ULONG AttributeSize
)
{
UCHAR ShiftValue;
PAGED_CODE();
//
// Check whether this index root uses clusters or if the cluster size is larger than
// the index block.
//
if (IndexRoot->BytesPerIndexBuffer >= Vcb->BytesPerCluster) {
ShiftValue = (UCHAR) Vcb->ClusterShift;
} else {
ShiftValue = DEFAULT_INDEX_BLOCK_BYTE_SHIFT;
}
if ((AttributeSize < sizeof(INDEX_ROOT))
||
((IndexRoot->IndexedAttributeType != $FILE_NAME) && (IndexRoot->IndexedAttributeType != $UNUSED))
||
((IndexRoot->IndexedAttributeType == $FILE_NAME) && (IndexRoot->CollationRule != COLLATION_FILE_NAME))
||
(IndexRoot->BytesPerIndexBuffer !=
BytesFromIndexBlocks( IndexRoot->BlocksPerIndexBuffer, ShiftValue ))
||
((IndexRoot->BlocksPerIndexBuffer != 1) &&
(IndexRoot->BlocksPerIndexBuffer != 2) &&
(IndexRoot->BlocksPerIndexBuffer != 4) &&
(IndexRoot->BlocksPerIndexBuffer != 8) &&
(IndexRoot->BlocksPerIndexBuffer != 16) &&
(IndexRoot->BlocksPerIndexBuffer != 32) &&
(IndexRoot->BlocksPerIndexBuffer != 64) &&
(IndexRoot->BlocksPerIndexBuffer != 128))) {
DebugTrace( 0, 0, ("Bad Index Root: %08lx\n", IndexRoot) );
ASSERTMSG( "Bad Index Root\n", FALSE );
return FALSE;
}
return NtfsCheckIndexHeader( &IndexRoot->IndexHeader,
AttributeSize - sizeof(INDEX_ROOT) + sizeof(INDEX_HEADER) );
}
BOOLEAN
NtfsCheckIndexBuffer (
IN PSCB Scb,
IN PINDEX_ALLOCATION_BUFFER IndexBuffer
)
{
ULONG BytesPerIndexBuffer = Scb->ScbType.Index.BytesPerIndexBuffer;
PAGED_CODE();
//
// Check the index buffer for consistency.
//
if ((*(PULONG)IndexBuffer->MultiSectorHeader.Signature != *(PULONG)IndexSignature)
||
((ULONG)IndexBuffer->MultiSectorHeader.UpdateSequenceArrayOffset >
(SEQUENCE_NUMBER_STRIDE - (PAGE_SIZE / SEQUENCE_NUMBER_STRIDE + 1) * sizeof(USHORT)))
||
((ULONG)((IndexBuffer->MultiSectorHeader.UpdateSequenceArraySize - 1) * SEQUENCE_NUMBER_STRIDE) !=
BytesPerIndexBuffer)) {
DebugTrace( 0, 0, ("Invalid Index Buffer: %08lx\n", IndexBuffer) );
ASSERTMSG( "Invalid resident Index Buffer\n", FALSE );
return FALSE;
}
return NtfsCheckIndexHeader( &IndexBuffer->IndexHeader,
BytesPerIndexBuffer -
FIELD_OFFSET(INDEX_ALLOCATION_BUFFER, IndexHeader) );
}
BOOLEAN
NtfsCheckIndexHeader (
IN PINDEX_HEADER IndexHeader,
IN ULONG BytesAvailable
)
{
PINDEX_ENTRY IndexEntry, NextIndexEntry;
PINDEX_ENTRY EndOfIndex;
ULONG MinIndexEntry = sizeof(INDEX_ENTRY);
PAGED_CODE();
if (FlagOn(IndexHeader->Flags, INDEX_NODE)) {
MinIndexEntry += sizeof(VCN);
}
if ((IndexHeader->FirstIndexEntry > (BytesAvailable - MinIndexEntry))
||
(IndexHeader->FirstFreeByte > BytesAvailable)
||
(IndexHeader->BytesAvailable > BytesAvailable)
||
((IndexHeader->FirstIndexEntry + MinIndexEntry) > IndexHeader->FirstFreeByte)
||
(IndexHeader->FirstFreeByte > IndexHeader->BytesAvailable)) {
DebugTrace( 0, 0, ("Bad Index Header: %08lx\n", IndexHeader) );
ASSERTMSG( "Bad Index Header\n", FALSE );
return FALSE;
}
IndexEntry = NtfsFirstIndexEntry(IndexHeader);
EndOfIndex = Add2Ptr(IndexHeader, IndexHeader->FirstFreeByte);
while (TRUE) {
NextIndexEntry = NtfsNextIndexEntry(IndexEntry);
if (((ULONG)IndexEntry->Length < MinIndexEntry)
||
(NextIndexEntry > EndOfIndex)
||
// ((ULONG)IndexEntry->AttributeLength >
// ((ULONG)IndexEntry->Length - MinIndexEntry))
//
// ||
(BooleanFlagOn(IndexEntry->Flags, INDEX_ENTRY_NODE) !=
BooleanFlagOn(IndexHeader->Flags, INDEX_NODE))) {
DebugTrace( 0, 0, ("Bad Index Entry: %08lx\n", IndexEntry) );
ASSERTMSG( "Bad Index Entry\n", FALSE );
return FALSE;
}
if (FlagOn(IndexEntry->Flags, INDEX_ENTRY_END)) {
break;
}
IndexEntry = NextIndexEntry;
}
return TRUE;
}
BOOLEAN
NtfsCheckLogRecord (
IN PNTFS_LOG_RECORD_HEADER LogRecord,
IN ULONG LogRecordLength,
IN TRANSACTION_ID TransactionId,
IN ULONG AttributeEntrySize
)
{
BOOLEAN ValidLogRecord = FALSE;
PAGED_CODE();
//
// We make the following checks on the log record.
//
// - Minimum length must contain an NTFS_LOG_RECORD_HEADER
// - Transaction Id must be a valid value (a valid index offset)
//
// The following are values in the log record.
//
// - Redo/Undo offset must be quadaligned
// - Redo/Undo offset + length must be contained in the log record
// - Target attribute must be a valid value (either 0 or valid index offset)
// - Record offset must be quad-aligned and less than the file record size.
// - Log record size must be sufficient for Lcn's to follow.
//
// Use the separate assert messages in order to identify the error (used the same text so
// the compiler can still optimize).
//
if (LogRecordLength < sizeof( NTFS_LOG_RECORD_HEADER )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (TransactionId == 0) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if ((TransactionId - sizeof( RESTART_TABLE )) % sizeof( TRANSACTION_ENTRY )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (FlagOn( LogRecord->RedoOffset, 7 )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (FlagOn( LogRecord->UndoOffset, 7 )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if ((ULONG) LogRecord->RedoOffset + LogRecord->RedoLength > LogRecordLength) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if ((LogRecord->UndoOperation != CompensationLogRecord) &&
((ULONG) LogRecord->UndoOffset + LogRecord->UndoLength > LogRecordLength)) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (LogRecordLength < (sizeof( NTFS_LOG_RECORD_HEADER ) +
((LogRecord->LcnsToFollow != 0) ?
(sizeof( LCN ) * (LogRecord->LcnsToFollow - 1)) :
0))) {
ASSERTMSG( "Invalid log record\n", FALSE );
//
// NOTE: The next two clauses test different cases for the TargetAttribute in
// the log record. Don't add any tests after this point as the ValidLogRecord
// value is set to TRUE internally and no other checks take place.
//
} else if (LogRecord->TargetAttribute == 0) {
if (((LogRecord->RedoOperation <= UpdateRecordDataAllocation) &&
TargetAttributeRequired[LogRecord->RedoOperation]) ||
((LogRecord->UndoOperation <= UpdateRecordDataAllocation) &&
TargetAttributeRequired[LogRecord->UndoOperation])) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else {
ValidLogRecord = TRUE;
}
//
// Read the note above if changing this.
//
} else if ((LogRecord->RedoOperation != ForgetTransaction) &&
((LogRecord->TargetAttribute - sizeof( RESTART_TABLE )) % AttributeEntrySize)) {
ASSERTMSG( "Invalid log record\n", FALSE );
//
// Read the note above if changing this.
//
} else {
ValidLogRecord = TRUE;
}
return ValidLogRecord;
}
BOOLEAN
NtfsCheckRestartTable (
IN PRESTART_TABLE RestartTable,
IN ULONG TableSize
)
{
ULONG ActualTableSize;
ULONG Index;
PDIRTY_PAGE_ENTRY_V0 NextEntry;
PAGED_CODE();
//
// We want to make the following checks.
//
// EntrySize - Must be less than table size and non-zero.
//
// NumberEntries - The table size must contain at least this many entries
// plus the table header.
//
// NumberAllocated - Must be less than/equal to NumberEntries
//
// FreeGoal - Must lie in the table.
//
// FirstFree
// LastFree - Must either be 0 or be on a restart entry boundary.
//
if ((RestartTable->EntrySize == 0) ||
(RestartTable->EntrySize > TableSize) ||
((RestartTable->EntrySize + sizeof( RESTART_TABLE )) > TableSize) ||
(((TableSize - sizeof( RESTART_TABLE )) / RestartTable->EntrySize) < RestartTable->NumberEntries) ||
(RestartTable->NumberAllocated > RestartTable->NumberEntries)) {
ASSERTMSG( "Invalid Restart Table sizes\n", FALSE );
return FALSE;
}
ActualTableSize = (RestartTable->EntrySize * RestartTable->NumberEntries) +
sizeof( RESTART_TABLE );
if ((RestartTable->FirstFree > ActualTableSize) ||
(RestartTable->LastFree > ActualTableSize) ||
((RestartTable->FirstFree != 0) && (RestartTable->FirstFree < sizeof( RESTART_TABLE ))) ||
((RestartTable->LastFree != 0) && (RestartTable->LastFree < sizeof( RESTART_TABLE )))) {
ASSERTMSG( "Invalid Restart Table List Head\n", FALSE );
return FALSE;
}
//
// Make a pass through the table verifying that each entry
// is either allocated or points to a valid offset in the
// table.
//
for (Index = 0;Index < RestartTable->NumberEntries; Index++) {
NextEntry = Add2Ptr( RestartTable,
((Index * RestartTable->EntrySize) +
sizeof( RESTART_TABLE )));
if ((NextEntry->AllocatedOrNextFree != RESTART_ENTRY_ALLOCATED) &&
(NextEntry->AllocatedOrNextFree != 0) &&
((NextEntry->AllocatedOrNextFree < sizeof( RESTART_TABLE )) ||
(((NextEntry->AllocatedOrNextFree - sizeof( RESTART_TABLE )) % RestartTable->EntrySize) != 0))) {
ASSERTMSG( "Invalid Restart Table Entry\n", FALSE );
return FALSE;
}
}
//
// Walk through the list headed by the first entry to make sure none
// of the entries are currently being used.
//
for (Index = RestartTable->FirstFree; Index != 0; Index = NextEntry->AllocatedOrNextFree) {
if (Index == RESTART_ENTRY_ALLOCATED) {
ASSERTMSG( "Invalid Restart Table Free List\n", FALSE );
return FALSE;
}
NextEntry = Add2Ptr( RestartTable, Index );
}
return TRUE;
}
Reference in a new issue View git blame Copy permalink