1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
/*
 * COPYRIGHT:        See COPYING in the top level directory
 * PROJECT:          ReactOS File System Recognizer
 * FILE:             drivers/filesystems/fs_rec/ffs.c
 * PURPOSE:          FFS Recognizer
 * PROGRAMMER:       Peter Hater
 *                   Pierre Schweitzer (pierre@reactos.org)
 */

/* INCLUDES *****************************************************************/

#include "fs_rec.h"
#include "ffs.h"

#define NDEBUG
#include <debug.h>

/* FUNCTIONS ****************************************************************/

BOOLEAN
NTAPI
FsRecIsFfsDiskLabel(IN PFFSD_DISKLABEL dl)
{
    return (dl->d_magic == DISKMAGIC);
}

BOOLEAN
NTAPI
FsRecIsFfs1Volume(IN PFFSD_SUPER_BLOCK sb)
{
    return (sb->fs_magic == FS_UFS1_MAGIC);
}

BOOLEAN
NTAPI
FsRecIsFfs2Volume(IN PFFSD_SUPER_BLOCK sb)
{
    return (sb->fs_magic == FS_UFS2_MAGIC);<--- Null pointer dereference
}

NTSTATUS
NTAPI
FsRecFfsFsControl(IN PDEVICE_OBJECT DeviceObject,
                    IN PIRP Irp)
{
    PIO_STACK_LOCATION Stack;
    NTSTATUS Status;
    PDEVICE_OBJECT MountDevice;
    PFFSD_SUPER_BLOCK Spb = NULL;
    PFFSD_DISKLABEL DiskLabel = NULL;
    ULONGLONG FSOffset = 0;
    int i;
    ULONG SectorSize;
    LARGE_INTEGER Offset;
    BOOLEAN DeviceError = FALSE;
    PAGED_CODE();

    /* Get the I/O Stack and check the function type */
    Stack = IoGetCurrentIrpStackLocation(Irp);
    switch (Stack->MinorFunction)
    {
        case IRP_MN_MOUNT_VOLUME:

            /* Assume failure */
            Status = STATUS_UNRECOGNIZED_VOLUME;

            /* Get the device object and request the sector size */
            MountDevice = Stack->Parameters.MountVolume.DeviceObject;
            if (FsRecGetDeviceSectorSize(MountDevice, &SectorSize))
            {
                /* Try to read the disklabel */
                Offset.QuadPart = LABELSECTOR*SectorSize;
                if (FsRecReadBlock(MountDevice,
                                   &Offset,
                                   SectorSize,
                                   SectorSize,
                                   (PVOID)&DiskLabel,
                                   &DeviceError))
                {
                    /* Check if it's an actual FFS disk label */
                    if (FsRecIsFfsDiskLabel(DiskLabel))
                    {
                        /* It is! */
	                    for (i = 0; i < MAXPARTITIONS; i++)
	                    {
		                    if (DiskLabel->d_partitions[i].p_fstype == FS_BSDFFS)
		                    {
			                    /* Important */
			                    FSOffset = DiskLabel->d_partitions[i].p_offset;
			                    FSOffset = FSOffset * SectorSize;
                                /* Try to read the superblock */
                                Offset.QuadPart = FSOffset+SBLOCK_UFS1;
                                if (FsRecReadBlock(MountDevice,
                                                   &Offset,
                                                   SBLOCKSIZE,
                                                   SectorSize,
                                                   (PVOID)&Spb,
                                                   &DeviceError))
                                {
                                    /* Check if it's an actual FFS volume */
                                    if (FsRecIsFfs1Volume(Spb))
                                    {
                                        /* It is! */
                                        Status = STATUS_FS_DRIVER_REQUIRED;
                                    }
                                    else
                                    {
                                        /* Free the boot sector if we have one */
                                        ExFreePool(Spb);
                                        Spb = NULL;<--- Assignment 'Spb=NULL', assigned value is 0

                                        Offset.QuadPart = FSOffset+SBLOCK_UFS2;
                                        if (FsRecReadBlock(MountDevice,
                                                           &Offset,
                                                           SBLOCKSIZE,
                                                           SectorSize,
                                                           (PVOID)&Spb,
                                                           &DeviceError))
                                        {
                                            /* Check if it's an actual FFS volume */
                                            if (FsRecIsFfs2Volume(Spb))<--- Calling function 'FsRecIsFfs2Volume', 1st argument 'Spb' value is 0
                                            {
                                                /* It is! */
                                                Status = STATUS_FS_DRIVER_REQUIRED;
                                            }
                                        }
                                    }
                                }

                                /* Free the boot sector if we have one */
                                ExFreePool(Spb);
                                Spb = NULL;
                            }
                        }
                    }
                    else
                    {
                        /* Try to read the superblock */
                        Offset.QuadPart = FSOffset+SBLOCK_UFS1;
                        if (FsRecReadBlock(MountDevice,
                                            &Offset,
                                            SBLOCKSIZE,
                                            SectorSize,
                                            (PVOID)&Spb,
                                            &DeviceError))
                        {
                            /* Check if it's an actual FFS volume */
                            if (FsRecIsFfs1Volume(Spb))
                            {
                                /* It is! */
                                Status = STATUS_FS_DRIVER_REQUIRED;
                            }
                            else
                            {
                                /* Free the boot sector if we have one */
                                ExFreePool(Spb);
                                Spb = NULL;

                                Offset.QuadPart = FSOffset+SBLOCK_UFS2;
                                if (FsRecReadBlock(MountDevice,
                                                    &Offset,
                                                    SBLOCKSIZE,
                                                    SectorSize,
                                                    (PVOID)&Spb,
                                                    &DeviceError))
                                {
                                    /* Check if it's an actual FFS volume */
                                    if (FsRecIsFfs2Volume(Spb))
                                    {
                                        /* It is! */
                                        Status = STATUS_FS_DRIVER_REQUIRED;
                                    }
                                }
                            }
                        }

                        /* Free the boot sector if we have one */
                        ExFreePool(Spb);
                        Spb = NULL;
                    }
                }

                /* Free the boot sector if we have one */
                ExFreePool(DiskLabel);
            }
            else
            {
                /* We have some sort of failure in the storage stack */
                DeviceError = TRUE;
            }

            /* Check if we have an error on the stack */
            if (DeviceError)
            {
                /* Was this because of a floppy? */
                if (MountDevice->Characteristics & FILE_FLOPPY_DISKETTE)
                {
                    /* Let the FS try anyway */
                    Status = STATUS_FS_DRIVER_REQUIRED;
                }
            }

            break;

        case IRP_MN_LOAD_FILE_SYSTEM:

            /* Load the file system */
            Status = FsRecLoadFileSystem(DeviceObject,
                                         L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\ffs");
            break;

        default:

            /* Invalid request */
            Status = STATUS_INVALID_DEVICE_REQUEST;
    }

    /* Return Status */
    return Status;
}