Re: [PATCH v3] ntfs: validate resident attribute values on lookup

From: Namjae Jeon

Date: Wed May 27 2026 - 19:54:33 EST


> Type-specific format validation for $VOLUME_NAME is intentionally not
> added to this helper, even though $VOLUME_NAME is a variable-length
> resident attribute. Existing callers such as ntfs_write_volume_label()
> treat a failed AT_VOLUME_NAME lookup as an absent label and
> unconditionally add a new record afterwards. If the helper rejected
> odd-length labels at lookup time, the corrupt record would stay in
> place and the caller would append a new record next to it, producing
> two $VOLUME_NAME attributes on disk. Caller-side cleanup must precede
> any lookup-time rejection of malformed $VOLUME_NAME payloads, so the
> type-specific check is left for a follow-up patch. The generic resident
> bounds checks (value_offset / value_length / attr_len) still apply to
> $VOLUME_NAME, and its entry in the type-name table is kept so that
> those failures log with the attribute name.

We can make ntfs_attr_find() return -EIO instead of -ENOENT when it
detects a corrupted resident attribute value. And callers should check
errno so as not to add a duplicate $VOLUME_NAME.

>
> Do not add $INDEX_ROOT-specific value validation in this change. Testing
> with stricter checks showed an existing ntfs_ir_truncate() shrink
> ordering bug: the resident value_length is shrunk before the root index
> allocated_size is updated, so a relookup can observe allocated_size
> beyond the now-smaller resident value and fail. Fix that ordering before
> adding the $INDEX_ROOT-specific minimum-size and structural checks.

Please provide a patch series including the ntfs_ir_truncate bug, index root
validation, volume name, and this patch.

> +static const char *ntfs_attr_type_name(const __le32 type)
> +{
> + switch (type) {
> + case AT_STANDARD_INFORMATION:
> + return "$STANDARD_INFORMATION";
> + case AT_FILE_NAME:
> + return "$FILE_NAME";
> + case AT_VOLUME_NAME:
> + return "$VOLUME_NAME";
> + case AT_VOLUME_INFORMATION:
> + return "$VOLUME_INFORMATION";
> + case AT_INDEX_ROOT:
> + return "$INDEX_ROOT";
> + case AT_EA_INFORMATION:
> + return "$EA_INFORMATION";
> + default:
> + return NULL;
> + }
> +}
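
Review bot: the default case of ntfs_attr_type_name() returns NULL, so every caller has to test the result before handing it to a %s format, and nothing in this hunk documents that contract. Consider returning a fixed fallback string from the default case, or having callers log the numeric type via le32_to_cpu(type) for types that are not in the table, and add a one-line comment above the function stating that a NULL return means "no name known for this type".
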
We can identify the attribute just by printing its type, without
needing to print the attribute name.
Thanks!
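
The exchange above turns on a lookup that distinguishes "attribute absent" from "attribute present but corrupt". The following is an added example, not code from the patch or the ntfs driver: a userspace C model in which struct res_attr, res_value_ok(), attr_find() and write_label() are simplified, hypothetical stand-ins, and only the value_offset / value_length / attr_len bounds check and the -EIO / -ENOENT split come from the thread.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define AT_VOLUME_NAME 0x60u /* NTFS type code of $VOLUME_NAME */

/* Hypothetical host-endian stand-in for a resident attribute header. */
struct res_attr {
	uint32_t type;
	uint32_t attr_len;     /* length of the whole record */
	uint16_t value_offset; /* value start, from record start */
	uint32_t value_length;
};

/* Generic resident bounds check: the value must lie inside the record. */
static int res_value_ok(const struct res_attr *a)
{
	if (a->value_offset < sizeof(*a) || a->value_offset > a->attr_len)
		return 0;
	return a->value_length <= a->attr_len - a->value_offset;
}

/* 0: found and valid, -ENOENT: absent, -EIO: present but corrupt. */
static int attr_find(const struct res_attr *recs, size_t n, uint32_t type)
{
	for (size_t i = 0; i < n; i++) {
		if (recs[i].type == type)
			return res_value_ok(&recs[i]) ? 0 : -EIO;
	}
	return -ENOENT;
}

/* Caller adds a new label only when the lookup reports it absent. */
static int write_label(const struct res_attr *recs, size_t n, int *added)
{
	int err = attr_find(recs, n, AT_VOLUME_NAME);

	*added = (err == -ENOENT);
	return err == -ENOENT ? 0 : err;
}

int main(void)
{
	struct res_attr bad = { AT_VOLUME_NAME, 24, 16, 64 }; /* constructed */
	int added, err = write_label(&bad, 1, &added);

	printf("err=%d added=%d\n", err, added); /* -EIO, nothing added */
	return 0;
}
```

With the corrupt record the caller gets -EIO and adds nothing, so no second $VOLUME_NAME record is written next to the bad one.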