xnu-1228.5.20.tar.gz
1c79356b 1/*
2d21ac55 2 * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
5d5c5d0d 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b 5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
8f6c56a5 14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
8f6c56a5 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29/*
30 * hfs_endian.c
31 *
32 * This file implements endian swapping routines for the HFS/HFS Plus
33 * volume format.
34 */
35
36#include "hfs_endian.h"
37#include "hfs_dbg.h"
3a60a9f5 38#include "hfscommon/headers/BTreesPrivate.h"
39
40#undef ENDIAN_DEBUG
41
/*
 * Internal swapping routines
 *
 * These routines handle swapping the records of leaf and index nodes.  The
 * layout of the keys and records varies depending on the kind of B-tree
 * (determined by fileID).
 *
 * The direction parameter must be kSwapBTNodeBigToHost or kSwapBTNodeHostToBig.
 * The kSwapBTNodeHeaderRecordOnly "direction" is not valid for these routines.
 *
 * hfs_swap_BTNode calls them with the node descriptor and record offsets in
 * native byte order (swapped before the call for big-to-host, swapped after
 * the call for host-to-big) and treats any nonzero return as a failure.
 */
static int hfs_swap_HFSPlusBTInternalNode (BlockDescriptor *src, HFSCatalogNodeID fileID, enum HFSBTSwapDirection direction);
static int hfs_swap_HFSBTInternalNode (BlockDescriptor *src, HFSCatalogNodeID fileID, enum HFSBTSwapDirection direction);
54
/*
 * hfs_swap_HFSPlusForkData
 *
 * Byte-swap, in place, every multi-byte field of an HFS Plus fork data
 * record: the logical size, the clump size, the total block count and each
 * of the kHFSPlusExtentDensity extent descriptors.
 *
 * The same SWAP_BE* macros are applied whichever way the caller is
 * converting.  Nothing is validated here; the callers visible in this file
 * check that the enclosing record fits inside the node before calling.
 */
static void
hfs_swap_HFSPlusForkData (
	HFSPlusForkData *src
)
{
	int extentIndex = 0;

	/* Fixed-size fields first: two 32-bit values, then the 64-bit size. */
	src->clumpSize = SWAP_BE32 (src->clumpSize);
	src->totalBlocks = SWAP_BE32 (src->totalBlocks);
	src->logicalSize = SWAP_BE64 (src->logicalSize);

	/* Then each extent descriptor of the fork. */
	while (extentIndex < kHFSPlusExtentDensity) {
		src->extents[extentIndex].startBlock = SWAP_BE32 (src->extents[extentIndex].startBlock);
		src->extents[extentIndex].blockCount = SWAP_BE32 (src->extents[extentIndex].blockCount);
		extentIndex++;
	}
}
75
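/*
 * hfs_swap_BTNode
 *
 * Convert one B-tree node, in place, between big-endian (on-disk) and host
 * byte order, sanity checking the node descriptor and the record offset
 * table on the way.
 *
 * NOTE: This operation is not naturally symmetric.
 * We have to determine which way we're swapping things.
 *
 *   kSwapBTNodeBigToHost
 *	The descriptor and offsets are swapped and checked first, so the
 *	record swapping step sees native values.  A failed check is logged
 *	with printf and returned to the caller.
 *   kSwapBTNodeHostToBig
 *	The records are swapped first; the descriptor and offsets are then
 *	checked while still native and swapped last.  A failed check panics.
 *   kSwapBTNodeHeaderRecordOnly
 *	Neither descriptor/offset step runs; only the record step does.
 *	NOTE(review): nothing in this function stops a leaf or index node
 *	from reaching the internal routines with this value, which they do
 *	not accept -- presumably callers pass it only for header nodes;
 *	confirm.
 *
 * src		block holding the node; src->buffer is modified in place and
 *		src->blockSize bounds the offset checks.
 * vp		vnode of the B-tree file; supplies the B-tree control block
 *		(totalNodes, treeDepth), the volume signature and the file ID.
 * direction	one of the values above.
 *
 * Returns 0 on success, fsBTInvalidHeaderErr when a descriptor or offset
 * check fails, or the error returned by the record swapping routine.  On
 * any nonzero result the node's location is logged and the volume is marked
 * inconsistent.
 */
int
hfs_swap_BTNode (
	BlockDescriptor *src,
	vnode_t vp,
	enum HFSBTSwapDirection direction
)
{
	BTNodeDescriptor *srcDesc = src->buffer;
	u_int16_t *srcOffs = NULL;
	BTreeControlBlockPtr btcb = (BTreeControlBlockPtr)VTOF(vp)->fcbBTCBPtr;
	u_int32_t i;
	u_int32_t offsTableStart = 0;	/* Byte offset of the record offset table within the node */
	int error = 0;

#ifdef ENDIAN_DEBUG
	if (direction == kSwapBTNodeBigToHost) {
		printf ("BE -> Native Swap\n");
	} else if (direction == kSwapBTNodeHostToBig) {
		printf ("Native -> BE Swap\n");
	} else if (direction == kSwapBTNodeHeaderRecordOnly) {
		printf ("Not swapping descriptors\n");
	} else {
		panic ("hfs_swap_BTNode: This is impossible");
	}
#endif

	/*
	 * If we are doing a swap from on-disk to in-memory, then swap the node
	 * descriptor and record offsets before we need to use them.
	 *
	 * Everything read in this branch comes straight from the disk image, so
	 * each field is checked before it is used to compute an address.
	 */
	if (direction == kSwapBTNodeBigToHost) {
		srcDesc->fLink = SWAP_BE32 (srcDesc->fLink);
		srcDesc->bLink = SWAP_BE32 (srcDesc->bLink);

		/*
		 * When first opening a BTree, we have to read the header node before the
		 * control block is initialized.  In this case, totalNodes will be zero,
		 * so skip the bounds checking.
		 */
		if (btcb->totalNodes != 0) {
			if (srcDesc->fLink >= btcb->totalNodes) {
				printf("hfs_swap_BTNode: invalid forward link (0x%08x >= 0x%08x)\n", srcDesc->fLink, btcb->totalNodes);
				error = fsBTInvalidHeaderErr;
				goto fail;
			}
			if (srcDesc->bLink >= btcb->totalNodes) {
				printf("hfs_swap_BTNode: invalid backward link (0x%08x >= 0x%08x)\n", srcDesc->bLink, btcb->totalNodes);
				error = fsBTInvalidHeaderErr;
				goto fail;
			}
		}

		/*
		 * Check srcDesc->kind.  Don't swap it because it's only one byte.
		 */
		if (srcDesc->kind < kBTLeafNode || srcDesc->kind > kBTMapNode) {
			printf("hfs_swap_BTNode: invalid node kind (%d)\n", srcDesc->kind);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}

		/*
		 * Check srcDesc->height.  Don't swap it because it's only one byte.
		 */
		if (srcDesc->height > btcb->treeDepth) {
			printf("hfs_swap_BTNode: invalid node height (%d)\n", srcDesc->height);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}

		/* Don't swap srcDesc->reserved */

		srcDesc->numRecords = SWAP_BE16 (srcDesc->numRecords);

		/*
		 * Swap the node offsets (including the free space one!).
		 *
		 * The offset table sits at the very end of the node and holds
		 * numRecords + 1 two-byte entries.
		 */
		srcOffs = (u_int16_t *)((char *)src->buffer + (src->blockSize - ((srcDesc->numRecords + 1) * sizeof (u_int16_t))));

		/*
		 * Sanity check that the record offsets are within the node itself.
		 * This rejects a record count too large for the node before any
		 * entry of the table is touched.
		 */
		if ((char *)srcOffs > ((char *)src->buffer + src->blockSize) ||
		    (char *)srcOffs < ((char *)src->buffer + sizeof(BTNodeDescriptor))) {
			printf("hfs_swap_BTNode: invalid record count (0x%04X)\n", srcDesc->numRecords);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}

		/* Safe to compute now that srcOffs is known to lie inside the node. */
		offsTableStart = (u_int32_t)((char *)srcOffs - (char *)src->buffer);

		/*
		 * Swap and sanity check each of the record offsets.
		 */
		for (i = 0; i <= srcDesc->numRecords; i++) {
			srcOffs[i] = SWAP_BE16 (srcOffs[i]);

			/*
			 * Sanity check: must be even, and within the record area of
			 * the node.  An offset may equal the start of the offset table
			 * (a full node's free space offset) but must not point into the
			 * table itself; otherwise record swapping could rewrite offsets
			 * that have already been validated.
			 *
			 * We may be called to swap an unused node, which contains all zeroes.
			 * This is why we allow the record offset to be zero.
			 *
			 * NOTE(review): a zero offset is also accepted when numRecords
			 * is nonzero, which would place record 0 on top of the node
			 * descriptor -- confirm whether zero should be limited to
			 * empty nodes.
			 */
			if ((srcOffs[i] & 1) || (srcOffs[i] < sizeof(BTNodeDescriptor) && srcOffs[i] != 0) || (srcOffs[i] > offsTableStart)) {
				printf("hfs_swap_BTNode: record #%d invalid offset (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
				error = fsBTInvalidHeaderErr;
				goto fail;
			}

			/*
			 * Make sure the offsets are strictly increasing.  Note that we're looping over
			 * them backwards, hence the order in the comparison.
			 */
			if ((i != 0) && (srcOffs[i] >= srcOffs[i-1])) {
				printf("hfs_swap_BTNode: offsets %d and %d out of order (0x%04X, 0x%04X)\n",
					srcDesc->numRecords-i-1, srcDesc->numRecords-i, srcOffs[i], srcOffs[i-1]);
				error = fsBTInvalidHeaderErr;
				goto fail;
			}
		}
	}

	/*
	 * Swap the records (ordered by frequency of access)
	 */
	if ((srcDesc->kind == kBTIndexNode) ||
	    (srcDesc->kind == kBTLeafNode)) {

		if (VTOVCB(vp)->vcbSigWord == kHFSPlusSigWord) {
			error = hfs_swap_HFSPlusBTInternalNode (src, VTOC(vp)->c_fileid, direction);
		} else {
			error = hfs_swap_HFSBTInternalNode (src, VTOC(vp)->c_fileid, direction);
		}

		if (error) goto fail;

	} else if (srcDesc->kind == kBTMapNode) {
		/* Don't swap the bitmaps, they'll be done in the bitmap routines */

	} else if (srcDesc->kind == kBTHeaderNode) {
		/*
		 * The header's offset is hard-wired because we cannot trust the offset pointers.
		 *
		 * NOTE(review): nothing here compares src->blockSize with
		 * sizeof(BTNodeDescriptor) + sizeof(BTHeaderRec) -- presumably the
		 * caller guarantees a node at least that large; confirm.
		 */
		BTHeaderRec *srcHead = (BTHeaderRec *)((char *)src->buffer + sizeof(BTNodeDescriptor));

		srcHead->treeDepth = SWAP_BE16 (srcHead->treeDepth);

		srcHead->rootNode = SWAP_BE32 (srcHead->rootNode);
		srcHead->leafRecords = SWAP_BE32 (srcHead->leafRecords);
		srcHead->firstLeafNode = SWAP_BE32 (srcHead->firstLeafNode);
		srcHead->lastLeafNode = SWAP_BE32 (srcHead->lastLeafNode);

		srcHead->nodeSize = SWAP_BE16 (srcHead->nodeSize);
		srcHead->maxKeyLength = SWAP_BE16 (srcHead->maxKeyLength);

		srcHead->totalNodes = SWAP_BE32 (srcHead->totalNodes);
		srcHead->freeNodes = SWAP_BE32 (srcHead->freeNodes);

		srcHead->clumpSize = SWAP_BE32 (srcHead->clumpSize);
		srcHead->attributes = SWAP_BE32 (srcHead->attributes);

		/* Don't swap srcHead->reserved1 */
		/* Don't swap srcHead->btreeType; it's only one byte */
		/* Don't swap srcHead->reserved2 */
		/* Don't swap srcHead->reserved3 */
		/* Don't swap bitmap */
	}

	/*
	 * If we are doing a swap from in-memory to on-disk, then swap the node
	 * descriptor and record offsets after we're done using them.
	 *
	 * The checks below mirror the big-to-host ones but panic instead of
	 * returning: a failure here means the in-memory node is already bad and
	 * is about to be written out.
	 */
	if (direction == kSwapBTNodeHostToBig) {
		/*
		 * Sanity check and swap the forward and backward links.
		 */
		if (srcDesc->fLink >= btcb->totalNodes) {
			panic("hfs_UNswap_BTNode: invalid forward link (0x%08X)\n", srcDesc->fLink);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}
		if (srcDesc->bLink >= btcb->totalNodes) {
			panic("hfs_UNswap_BTNode: invalid backward link (0x%08X)\n", srcDesc->bLink);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}
		srcDesc->fLink = SWAP_BE32 (srcDesc->fLink);
		srcDesc->bLink = SWAP_BE32 (srcDesc->bLink);

		/*
		 * Check srcDesc->kind.  Don't swap it because it's only one byte.
		 */
		if (srcDesc->kind < kBTLeafNode || srcDesc->kind > kBTMapNode) {
			panic("hfs_UNswap_BTNode: invalid node kind (%d)\n", srcDesc->kind);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}

		/*
		 * Check srcDesc->height.  Don't swap it because it's only one byte.
		 */
		if (srcDesc->height > btcb->treeDepth) {
			panic("hfs_UNswap_BTNode: invalid node height (%d)\n", srcDesc->height);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}

		/* Don't swap srcDesc->reserved */

		/*
		 * Swap the node offsets (including the free space one!).
		 * numRecords is still in native order here; it is swapped last.
		 */
		srcOffs = (u_int16_t *)((char *)src->buffer + (src->blockSize - ((srcDesc->numRecords + 1) * sizeof (u_int16_t))));

		/*
		 * Sanity check that the record offsets are within the node itself.
		 */
		if ((char *)srcOffs > ((char *)src->buffer + src->blockSize) ||
		    (char *)srcOffs < ((char *)src->buffer + sizeof(BTNodeDescriptor))) {
			panic("hfs_UNswap_BTNode: invalid record count (0x%04X)\n", srcDesc->numRecords);
			error = fsBTInvalidHeaderErr;
			goto fail;
		}

		/* Safe to compute now that srcOffs is known to lie inside the node. */
		offsTableStart = (u_int32_t)((char *)srcOffs - (char *)src->buffer);

		/*
		 * Swap and sanity check each of the record offsets.
		 */
		for (i = 0; i <= srcDesc->numRecords; i++) {
			/*
			 * Sanity check: must be even, and within the record area of
			 * the node (at most the start of the offset table, never
			 * inside the table itself).
			 *
			 * We may be called to swap an unused node, which contains all zeroes.
			 * This is why we allow the record offset to be zero.
			 */
			if ((srcOffs[i] & 1) || (srcOffs[i] < sizeof(BTNodeDescriptor) && srcOffs[i] != 0) || (srcOffs[i] > offsTableStart)) {
				panic("hfs_UNswap_BTNode: record #%d invalid offset (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
				error = fsBTInvalidHeaderErr;
				goto fail;
			}

			/*
			 * Make sure the offsets are strictly increasing.  Note that we're looping over
			 * them backwards, hence the order in the comparison.
			 *
			 * Entry i+1 has not been swapped yet, so both sides of the
			 * comparison are still in native order.
			 */
			if ((i < srcDesc->numRecords) && (srcOffs[i+1] >= srcOffs[i])) {
				panic("hfs_UNswap_BTNode: offsets %d and %d out of order (0x%04X, 0x%04X)\n",
					srcDesc->numRecords-i-2, srcDesc->numRecords-i-1, srcOffs[i+1], srcOffs[i]);
				error = fsBTInvalidHeaderErr;
				goto fail;
			}

			srcOffs[i] = SWAP_BE16 (srcOffs[i]);
		}

		srcDesc->numRecords = SWAP_BE16 (srcDesc->numRecords);
	}

fail:
	if (error) {
		/*
		 * Log some useful information about where the corrupt node is.
		 */
		printf("node=%lld fileID=%u volume=%s device=%s\n", src->blockNum, VTOC(vp)->c_fileid,
			VTOVCB(vp)->vcbVN, vfs_statfs(vnode_mount(vp))->f_mntfromname);
		hfs_mark_volume_inconsistent(VTOVCB(vp));
	}

	return (error);
}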
346
3a60a9f5 347static int
1c79356b
A
348hfs_swap_HFSPlusBTInternalNode (
349 BlockDescriptor *src,
350 HFSCatalogNodeID fileID,
3a60a9f5 351 enum HFSBTSwapDirection direction
1c79356b
A
352)
353{
354 BTNodeDescriptor *srcDesc = src->buffer;
2d21ac55
A
355 u_int16_t *srcOffs = (u_int16_t *)((char *)src->buffer + (src->blockSize - (srcDesc->numRecords * sizeof (u_int16_t))));
356 char *nextRecord; /* Points to start of record following current one */
357
358 /*
359 * i is an int32 because it needs to be negative to index the offset to free space.
360 * srcDesc->numRecords is a u_int16_t and is unlikely to become 32-bit so this should be ok.
361 */
362
363 int32_t i;
364 u_int32_t j;
1c79356b 365
1c79356b
A
366 if (fileID == kHFSExtentsFileID) {
367 HFSPlusExtentKey *srcKey;
368 HFSPlusExtentDescriptor *srcRec;
3a60a9f5 369 size_t recordSize; /* Size of the data part of the record, or node number for index nodes */
1c79356b 370
3a60a9f5 371 if (srcDesc->kind == kBTIndexNode)
2d21ac55 372 recordSize = sizeof(u_int32_t);
3a60a9f5
A
373 else
374 recordSize = sizeof(HFSPlusExtentDescriptor);
375
1c79356b 376 for (i = 0; i < srcDesc->numRecords; i++) {
3a60a9f5 377 /* Point to the start of the record we're currently checking. */
1c79356b 378 srcKey = (HFSPlusExtentKey *)((char *)src->buffer + srcOffs[i]);
3a60a9f5
A
379
380 /*
381 * Point to start of next (larger offset) record. We'll use this
382 * to be sure the current record doesn't overflow into the next
383 * record.
384 */
385 nextRecord = (char *)src->buffer + srcOffs[i-1];
1c79356b 386
3a60a9f5
A
387 /*
388 * Make sure the key and data are within the buffer. Since both key
389 * and data are fixed size, this is relatively easy. Note that this
390 * relies on the keyLength being a constant; we verify the keyLength
391 * below.
392 */
393 if ((char *)srcKey + sizeof(HFSPlusExtentKey) + recordSize > nextRecord) {
cf7d32b8
A
394 if (direction == kSwapBTNodeHostToBig) {
395 panic("hfs_swap_HFSPlusBTInternalNode: extents key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
396 } else {
397 printf("hfs_swap_HFSPlusBTInternalNode: extents key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
398 }
3a60a9f5
A
399 return fsBTInvalidNodeErr;
400 }
401
402 if (direction == kSwapBTNodeBigToHost)
403 srcKey->keyLength = SWAP_BE16 (srcKey->keyLength);
404 if (srcKey->keyLength != sizeof(*srcKey) - sizeof(srcKey->keyLength)) {
cf7d32b8
A
405 if (direction == kSwapBTNodeHostToBig) {
406 panic("hfs_swap_HFSPlusBTInternalNode: extents key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, srcKey->keyLength);
407 } else {
408 printf("hfs_swap_HFSPlusBTInternalNode: extents key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, srcKey->keyLength);
409 }
3a60a9f5
A
410 return fsBTInvalidNodeErr;
411 }
412 srcRec = (HFSPlusExtentDescriptor *)((char *)srcKey + srcKey->keyLength + sizeof(srcKey->keyLength));
413 if (direction == kSwapBTNodeHostToBig)
414 srcKey->keyLength = SWAP_BE16 (srcKey->keyLength);
1c79356b 415
3a60a9f5 416 /* Don't swap srcKey->forkType; it's only one byte */
1c79356b
A
417 /* Don't swap srcKey->pad */
418
419 srcKey->fileID = SWAP_BE32 (srcKey->fileID);
420 srcKey->startBlock = SWAP_BE32 (srcKey->startBlock);
421
1c79356b 422 if (srcDesc->kind == kBTIndexNode) {
3a60a9f5 423 /* For index nodes, the record data is just a child node number. */
2d21ac55 424 *((u_int32_t *)srcRec) = SWAP_BE32 (*((u_int32_t *)srcRec));
3a60a9f5
A
425 } else {
426 /* Swap the extent data */
427 for (j = 0; j < kHFSPlusExtentDensity; j++) {
428 srcRec[j].startBlock = SWAP_BE32 (srcRec[j].startBlock);
429 srcRec[j].blockCount = SWAP_BE32 (srcRec[j].blockCount);
430 }
1c79356b
A
431 }
432 }
433
434 } else if (fileID == kHFSCatalogFileID) {
435 HFSPlusCatalogKey *srcKey;
2d21ac55 436 int16_t *srcPtr;
3a60a9f5
A
437 u_int16_t keyLength;
438
1c79356b 439 for (i = 0; i < srcDesc->numRecords; i++) {
3a60a9f5 440 /* Point to the start of the record we're currently checking. */
1c79356b
A
441 srcKey = (HFSPlusCatalogKey *)((char *)src->buffer + srcOffs[i]);
442
3a60a9f5
A
443 /*
444 * Point to start of next (larger offset) record. We'll use this
445 * to be sure the current record doesn't overflow into the next
446 * record.
447 */
448 nextRecord = (char *)src->buffer + srcOffs[i-1];
449
450 /*
cf7d32b8
A
451 * Make sure we can safely dereference the keyLength and parentID fields.
452 */
3a60a9f5 453 if ((char *)srcKey + offsetof(HFSPlusCatalogKey, nodeName.unicode[0]) > nextRecord) {
cf7d32b8
A
454 if (direction == kSwapBTNodeHostToBig) {
455 panic("hfs_swap_HFSPlusBTInternalNode: catalog key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
456 } else {
457 printf("hfs_swap_HFSPlusBTInternalNode: catalog key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
458 }
3a60a9f5
A
459 return fsBTInvalidNodeErr;
460 }
461
462 /*
463 * Swap and sanity check the key length
464 */
465 if (direction == kSwapBTNodeBigToHost)
466 srcKey->keyLength = SWAP_BE16 (srcKey->keyLength);
467 keyLength = srcKey->keyLength; /* Put it in a local (native order) because we use it several times */
468 if (direction == kSwapBTNodeHostToBig)
469 srcKey->keyLength = SWAP_BE16 (keyLength);
1c79356b 470
3a60a9f5
A
471 /* Sanity check the key length */
472 if (keyLength < kHFSPlusCatalogKeyMinimumLength || keyLength > kHFSPlusCatalogKeyMaximumLength) {
cf7d32b8
A
473 if (direction == kSwapBTNodeHostToBig) {
474 panic("hfs_swap_HFSPlusBTInternalNode: catalog key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, keyLength);
475 } else {
476 printf("hfs_swap_HFSPlusBTInternalNode: catalog key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, keyLength);
477 }
3a60a9f5
A
478 return fsBTInvalidNodeErr;
479 }
480
481 /*
482 * Make sure that we can safely dereference the record's type field or
483 * an index node's child node number.
484 */
2d21ac55
A
485 srcPtr = (int16_t *)((char *)srcKey + keyLength + sizeof(srcKey->keyLength));
486 if ((char *)srcPtr + sizeof(u_int32_t) > nextRecord) {
cf7d32b8
A
487 if (direction == kSwapBTNodeHostToBig) {
488 panic("hfs_swap_HFSPlusBTInternalNode: catalog key #%d too big\n", srcDesc->numRecords-i-1);
489 } else {
490 printf("hfs_swap_HFSPlusBTInternalNode: catalog key #%d too big\n", srcDesc->numRecords-i-1);
491 }
3a60a9f5
A
492 return fsBTInvalidNodeErr;
493 }
494
1c79356b
A
495 srcKey->parentID = SWAP_BE32 (srcKey->parentID);
496
3a60a9f5
A
497 /*
498 * Swap and sanity check the key's node name
499 */
500 if (direction == kSwapBTNodeBigToHost)
501 srcKey->nodeName.length = SWAP_BE16 (srcKey->nodeName.length);
502 /* Make sure name length is consistent with key length */
503 if (keyLength < sizeof(srcKey->parentID) + sizeof(srcKey->nodeName.length) +
504 srcKey->nodeName.length*sizeof(srcKey->nodeName.unicode[0])) {
cf7d32b8
A
505 if (direction == kSwapBTNodeHostToBig) {
506 panic("hfs_swap_HFSPlusBTInternalNode: catalog record #%d keyLength=%d expected=%lu\n",
507 srcDesc->numRecords-i, keyLength, sizeof(srcKey->parentID) + sizeof(srcKey->nodeName.length) +
508 srcKey->nodeName.length*sizeof(srcKey->nodeName.unicode[0]));
509 } else {
510 printf("hfs_swap_HFSPlusBTInternalNode: catalog record #%d keyLength=%d expected=%lu\n",
511 srcDesc->numRecords-i, keyLength, sizeof(srcKey->parentID) + sizeof(srcKey->nodeName.length) +
512 srcKey->nodeName.length*sizeof(srcKey->nodeName.unicode[0]));
513 }
3a60a9f5
A
514 return fsBTInvalidNodeErr;
515 }
1c79356b
A
516 for (j = 0; j < srcKey->nodeName.length; j++) {
517 srcKey->nodeName.unicode[j] = SWAP_BE16 (srcKey->nodeName.unicode[j]);
518 }
3a60a9f5
A
519 if (direction == kSwapBTNodeHostToBig)
520 srcKey->nodeName.length = SWAP_BE16 (srcKey->nodeName.length);
1c79356b 521
3a60a9f5
A
522 /*
523 * For index nodes, the record data is just the child's node number.
524 * Skip over swapping the various types of catalog record.
525 */
1c79356b 526 if (srcDesc->kind == kBTIndexNode) {
2d21ac55 527 *((u_int32_t *)srcPtr) = SWAP_BE32 (*((u_int32_t *)srcPtr));
1c79356b
A
528 continue;
529 }
530
3a60a9f5
A
531 /* Make sure the recordType is in native order before using it. */
532 if (direction == kSwapBTNodeBigToHost)
533 srcPtr[0] = SWAP_BE16 (srcPtr[0]);
1c79356b
A
534
535 if (srcPtr[0] == kHFSPlusFolderRecord) {
536 HFSPlusCatalogFolder *srcRec = (HFSPlusCatalogFolder *)srcPtr;
3a60a9f5 537 if ((char *)srcRec + sizeof(*srcRec) > nextRecord) {
cf7d32b8
A
538 if (direction == kSwapBTNodeHostToBig) {
539 panic("hfs_swap_HFSPlusBTInternalNode: catalog folder record #%d too big\n", srcDesc->numRecords-i-1);
540 } else {
541 printf("hfs_swap_HFSPlusBTInternalNode: catalog folder record #%d too big\n", srcDesc->numRecords-i-1);
542 }
3a60a9f5
A
543 return fsBTInvalidNodeErr;
544 }
545
1c79356b
A
546 srcRec->flags = SWAP_BE16 (srcRec->flags);
547 srcRec->valence = SWAP_BE32 (srcRec->valence);
548 srcRec->folderID = SWAP_BE32 (srcRec->folderID);
549 srcRec->createDate = SWAP_BE32 (srcRec->createDate);
550 srcRec->contentModDate = SWAP_BE32 (srcRec->contentModDate);
551 srcRec->attributeModDate = SWAP_BE32 (srcRec->attributeModDate);
552 srcRec->accessDate = SWAP_BE32 (srcRec->accessDate);
553 srcRec->backupDate = SWAP_BE32 (srcRec->backupDate);
554
555 srcRec->bsdInfo.ownerID = SWAP_BE32 (srcRec->bsdInfo.ownerID);
556 srcRec->bsdInfo.groupID = SWAP_BE32 (srcRec->bsdInfo.groupID);
557
3a60a9f5
A
558 /* Don't swap srcRec->bsdInfo.adminFlags; it's only one byte */
559 /* Don't swap srcRec->bsdInfo.ownerFlags; it's only one byte */
1c79356b
A
560
561 srcRec->bsdInfo.fileMode = SWAP_BE16 (srcRec->bsdInfo.fileMode);
562 srcRec->bsdInfo.special.iNodeNum = SWAP_BE32 (srcRec->bsdInfo.special.iNodeNum);
563
564 srcRec->textEncoding = SWAP_BE32 (srcRec->textEncoding);
565
566 /* Don't swap srcRec->userInfo */
567 /* Don't swap srcRec->finderInfo */
2d21ac55
A
568 srcRec->folderCount = SWAP_BE32 (srcRec->folderCount);
569
1c79356b
A
570 } else if (srcPtr[0] == kHFSPlusFileRecord) {
571 HFSPlusCatalogFile *srcRec = (HFSPlusCatalogFile *)srcPtr;
3a60a9f5 572 if ((char *)srcRec + sizeof(*srcRec) > nextRecord) {
cf7d32b8
A
573 if (direction == kSwapBTNodeHostToBig) {
574 panic("hfs_swap_HFSPlusBTInternalNode: catalog file record #%d too big\n", srcDesc->numRecords-i-1);
575 } else {
576 printf("hfs_swap_HFSPlusBTInternalNode: catalog file record #%d too big\n", srcDesc->numRecords-i-1);
577 }
3a60a9f5
A
578 return fsBTInvalidNodeErr;
579 }
1c79356b
A
580
581 srcRec->flags = SWAP_BE16 (srcRec->flags);
582
583 srcRec->fileID = SWAP_BE32 (srcRec->fileID);
584
585 srcRec->createDate = SWAP_BE32 (srcRec->createDate);
586 srcRec->contentModDate = SWAP_BE32 (srcRec->contentModDate);
587 srcRec->attributeModDate = SWAP_BE32 (srcRec->attributeModDate);
588 srcRec->accessDate = SWAP_BE32 (srcRec->accessDate);
589 srcRec->backupDate = SWAP_BE32 (srcRec->backupDate);
590
591 srcRec->bsdInfo.ownerID = SWAP_BE32 (srcRec->bsdInfo.ownerID);
592 srcRec->bsdInfo.groupID = SWAP_BE32 (srcRec->bsdInfo.groupID);
593
3a60a9f5
A
594 /* Don't swap srcRec->bsdInfo.adminFlags; it's only one byte */
595 /* Don't swap srcRec->bsdInfo.ownerFlags; it's only one byte */
1c79356b
A
596
597 srcRec->bsdInfo.fileMode = SWAP_BE16 (srcRec->bsdInfo.fileMode);
598 srcRec->bsdInfo.special.iNodeNum = SWAP_BE32 (srcRec->bsdInfo.special.iNodeNum);
599
600 srcRec->textEncoding = SWAP_BE32 (srcRec->textEncoding);
2d21ac55
A
601
602 /* If kHFSHasLinkChainBit is set, reserved1 is hl_FirstLinkID.
cf7d32b8
A
603 * In all other context, it is expected to be zero.
604 */
2d21ac55
A
605 srcRec->reserved1 = SWAP_BE32 (srcRec->reserved1);
606
1c79356b
A
607 /* Don't swap srcRec->userInfo */
608 /* Don't swap srcRec->finderInfo */
609 /* Don't swap srcRec->reserved2 */
610
611 hfs_swap_HFSPlusForkData (&srcRec->dataFork);
612 hfs_swap_HFSPlusForkData (&srcRec->resourceFork);
613
614 } else if ((srcPtr[0] == kHFSPlusFolderThreadRecord) ||
615 (srcPtr[0] == kHFSPlusFileThreadRecord)) {
616
3a60a9f5
A
617 /*
618 * Make sure there is room for parentID and name length.
619 */
1c79356b 620 HFSPlusCatalogThread *srcRec = (HFSPlusCatalogThread *)srcPtr;
3a60a9f5 621 if ((char *) &srcRec->nodeName.unicode[0] > nextRecord) {
cf7d32b8
A
622 if (direction == kSwapBTNodeHostToBig) {
623 panic("hfs_swap_HFSPlusBTInternalNode: catalog thread record #%d too big\n", srcDesc->numRecords-i-1);
624 } else {
625 printf("hfs_swap_HFSPlusBTInternalNode: catalog thread record #%d too big\n", srcDesc->numRecords-i-1);
626 }
3a60a9f5
A
627 return fsBTInvalidNodeErr;
628 }
629
1c79356b
A
630 /* Don't swap srcRec->reserved */
631
632 srcRec->parentID = SWAP_BE32 (srcRec->parentID);
633
3a60a9f5
A
634 if (direction == kSwapBTNodeBigToHost)
635 srcRec->nodeName.length = SWAP_BE16 (srcRec->nodeName.length);
636
637 /*
638 * Make sure there is room for the name in the buffer.
639 * Then swap the characters of the name itself.
640 */
641 if ((char *) &srcRec->nodeName.unicode[srcRec->nodeName.length] > nextRecord) {
cf7d32b8
A
642 if (direction == kSwapBTNodeHostToBig) {
643 panic("hfs_swap_HFSPlusBTInternalNode: catalog thread record #%d name too big\n", srcDesc->numRecords-i-1);
644 } else {
645 printf("hfs_swap_HFSPlusBTInternalNode: catalog thread record #%d name too big\n", srcDesc->numRecords-i-1);
646 }
3a60a9f5
A
647 return fsBTInvalidNodeErr;
648 }
1c79356b
A
649 for (j = 0; j < srcRec->nodeName.length; j++) {
650 srcRec->nodeName.unicode[j] = SWAP_BE16 (srcRec->nodeName.unicode[j]);
651 }
3a60a9f5
A
652
653 if (direction == kSwapBTNodeHostToBig)
654 srcRec->nodeName.length = SWAP_BE16 (srcRec->nodeName.length);
1c79356b
A
655
656 } else {
cf7d32b8
A
657 if (direction == kSwapBTNodeHostToBig) {
658 panic("hfs_swap_HFSPlusBTInternalNode: unrecognized catalog record type (0x%04X; record #%d)\n", srcPtr[0], srcDesc->numRecords-i-1);
659 } else {
660 printf("hfs_swap_HFSPlusBTInternalNode: unrecognized catalog record type (0x%04X; record #%d)\n", srcPtr[0], srcDesc->numRecords-i-1);
661 }
3a60a9f5 662 return fsBTInvalidNodeErr;
1c79356b
A
663 }
664
3a60a9f5
A
665 /* We can swap the record type now that we're done using it. */
666 if (direction == kSwapBTNodeHostToBig)
667 srcPtr[0] = SWAP_BE16 (srcPtr[0]);
1c79356b
A
668 }
669
91447636
A
670 } else if (fileID == kHFSAttributesFileID) {
671 HFSPlusAttrKey *srcKey;
672 HFSPlusAttrRecord *srcRec;
3a60a9f5
A
673 u_int16_t keyLength;
674 u_int32_t attrSize = 0;
675
91447636 676 for (i = 0; i < srcDesc->numRecords; i++) {
3a60a9f5 677 /* Point to the start of the record we're currently checking. */
91447636 678 srcKey = (HFSPlusAttrKey *)((char *)src->buffer + srcOffs[i]);
3a60a9f5
A
679
680 /*
681 * Point to start of next (larger offset) record. We'll use this
682 * to be sure the current record doesn't overflow into the next
683 * record.
684 */
685 nextRecord = (char *)src->buffer + srcOffs[i-1];
686
687 /* Make sure there is room in the buffer for a minimal key */
688 if ((char *) &srcKey->attrName[1] > nextRecord) {
cf7d32b8
A
689 if (direction == kSwapBTNodeHostToBig) {
690 panic("hfs_swap_HFSPlusBTInternalNode: attr key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
691 } else {
692 printf("hfs_swap_HFSPlusBTInternalNode: attr key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
693 }
3a60a9f5
A
694 return fsBTInvalidNodeErr;
695 }
91447636 696
3a60a9f5
A
697 /* Swap the key length field */
698 if (direction == kSwapBTNodeBigToHost)
699 srcKey->keyLength = SWAP_BE16(srcKey->keyLength);
700 keyLength = srcKey->keyLength; /* Keep a copy in native order */
701 if (direction == kSwapBTNodeHostToBig)
702 srcKey->keyLength = SWAP_BE16(srcKey->keyLength);
703
704 /*
705 * Make sure that we can safely dereference the record's type field or
706 * an index node's child node number.
707 */
708 srcRec = (HFSPlusAttrRecord *)((char *)srcKey + keyLength + sizeof(srcKey->keyLength));
709 if ((char *)srcRec + sizeof(u_int32_t) > nextRecord) {
cf7d32b8
A
710 if (direction == kSwapBTNodeHostToBig) {
711 panic("hfs_swap_HFSPlusBTInternalNode: attr key #%d too big (%d)\n", srcDesc->numRecords-i-1, keyLength);
712 } else {
713 printf("hfs_swap_HFSPlusBTInternalNode: attr key #%d too big (%d)\n", srcDesc->numRecords-i-1, keyLength);
714 }
3a60a9f5
A
715 return fsBTInvalidNodeErr;
716 }
91447636
A
717
718 srcKey->fileID = SWAP_BE32(srcKey->fileID);
719 srcKey->startBlock = SWAP_BE32(srcKey->startBlock);
3a60a9f5
A
720
721 /*
722 * Swap and check the attribute name
723 */
724 if (direction == kSwapBTNodeBigToHost)
725 srcKey->attrNameLen = SWAP_BE16(srcKey->attrNameLen);
726 /* Sanity check the attribute name length */
727 if (srcKey->attrNameLen > kHFSMaxAttrNameLen || keyLength < (kHFSPlusAttrKeyMinimumLength + sizeof(u_int16_t)*srcKey->attrNameLen)) {
cf7d32b8
A
728 if (direction == kSwapBTNodeHostToBig) {
729 panic("hfs_swap_HFSPlusBTInternalNode: attr key #%d keyLength=%d attrNameLen=%d\n", srcDesc->numRecords-i-1, keyLength, srcKey->attrNameLen);
730 } else {
731 printf("hfs_swap_HFSPlusBTInternalNode: attr key #%d keyLength=%d attrNameLen=%d\n", srcDesc->numRecords-i-1, keyLength, srcKey->attrNameLen);
732 }
3a60a9f5
A
733 return fsBTInvalidNodeErr;
734 }
91447636
A
735 for (j = 0; j < srcKey->attrNameLen; j++)
736 srcKey->attrName[j] = SWAP_BE16(srcKey->attrName[j]);
3a60a9f5
A
737 if (direction == kSwapBTNodeHostToBig)
738 srcKey->attrNameLen = SWAP_BE16(srcKey->attrNameLen);
91447636 739
3a60a9f5
A
740 /*
741 * For index nodes, the record data is just the child's node number.
742 * Skip over swapping the various types of attribute record.
743 */
91447636 744 if (srcDesc->kind == kBTIndexNode) {
2d21ac55 745 *((u_int32_t *)srcRec) = SWAP_BE32 (*((u_int32_t *)srcRec));
91447636
A
746 continue;
747 }
748
3a60a9f5
A
749 /* Swap the record data */
750 if (direction == kSwapBTNodeBigToHost)
751 srcRec->recordType = SWAP_BE32(srcRec->recordType);
91447636
A
752 switch (srcRec->recordType) {
753 case kHFSPlusAttrInlineData:
3a60a9f5
A
754 /* Is there room for the inline data header? */
755 if ((char *) &srcRec->attrData.attrData[0] > nextRecord) {
cf7d32b8
A
756 if (direction == kSwapBTNodeHostToBig) {
757 panic("hfs_swap_HFSPlusBTInternalNode: attr inline #%d too big\n", srcDesc->numRecords-i-1);
758 } else {
759 printf("hfs_swap_HFSPlusBTInternalNode: attr inline #%d too big\n", srcDesc->numRecords-i-1);
760 }
3a60a9f5
A
761 return fsBTInvalidNodeErr;
762 }
763
91447636 764 /* We're not swapping the reserved fields */
3a60a9f5
A
765
766 /* Swap the attribute size */
767 if (direction == kSwapBTNodeHostToBig)
768 attrSize = srcRec->attrData.attrSize;
91447636 769 srcRec->attrData.attrSize = SWAP_BE32(srcRec->attrData.attrSize);
3a60a9f5
A
770 if (direction == kSwapBTNodeBigToHost)
771 attrSize = srcRec->attrData.attrSize;
772
773 /* Is there room for the inline attribute data? */
774 if ((char *) &srcRec->attrData.attrData[attrSize] > nextRecord) {
cf7d32b8
A
775 if (direction == kSwapBTNodeHostToBig) {
776 panic("hfs_swap_HFSPlusBTInternalNode: attr inline #%d too big (attrSize=%u)\n", srcDesc->numRecords-i-1, attrSize);
777 } else {
778 printf("hfs_swap_HFSPlusBTInternalNode: attr inline #%d too big (attrSize=%u)\n", srcDesc->numRecords-i-1, attrSize);
779 }
3a60a9f5
A
780 return fsBTInvalidNodeErr;
781 }
782
783 /* Not swapping the attribute data itself */
91447636 784 break;
3a60a9f5 785
91447636 786 case kHFSPlusAttrForkData:
3a60a9f5
A
787 /* Is there room for the fork data record? */
788 if ((char *)srcRec + sizeof(HFSPlusAttrForkData) > nextRecord) {
cf7d32b8
A
789 if (direction == kSwapBTNodeHostToBig) {
790 panic("hfs_swap_HFSPlusBTInternalNode: attr fork data #%d too big\n", srcDesc->numRecords-i-1);
791 } else {
792 printf("hfs_swap_HFSPlusBTInternalNode: attr fork data #%d too big\n", srcDesc->numRecords-i-1);
793 }
3a60a9f5
A
794 return fsBTInvalidNodeErr;
795 }
796
91447636 797 /* We're not swapping the reserved field */
3a60a9f5 798
91447636
A
799 hfs_swap_HFSPlusForkData(&srcRec->forkData.theFork);
800 break;
3a60a9f5 801
91447636 802 case kHFSPlusAttrExtents:
3a60a9f5
A
803 /* Is there room for an extent record? */
804 if ((char *)srcRec + sizeof(HFSPlusAttrExtents) > nextRecord) {
cf7d32b8
A
805 if (direction == kSwapBTNodeHostToBig) {
806 panic("hfs_swap_HFSPlusBTInternalNode: attr extents #%d too big\n", srcDesc->numRecords-i-1);
807 } else {
808 printf("hfs_swap_HFSPlusBTInternalNode: attr extents #%d too big\n", srcDesc->numRecords-i-1);
809 }
3a60a9f5
A
810 return fsBTInvalidNodeErr;
811 }
812
91447636 813 /* We're not swapping the reserved field */
3a60a9f5 814
91447636
A
815 for (j = 0; j < kHFSPlusExtentDensity; j++) {
816 srcRec->overflowExtents.extents[j].startBlock =
817 SWAP_BE32(srcRec->overflowExtents.extents[j].startBlock);
818 srcRec->overflowExtents.extents[j].blockCount =
819 SWAP_BE32(srcRec->overflowExtents.extents[j].blockCount);
820 }
821 break;
822 }
3a60a9f5
A
823 if (direction == kSwapBTNodeHostToBig)
824 srcRec->recordType = SWAP_BE32(srcRec->recordType);
91447636 825 }
55e303ae 826 } else if (fileID > kHFSFirstUserCatalogNodeID) {
3a60a9f5 827 /* The only B-tree with a non-system CNID that we use is the hotfile B-tree */
55e303ae 828 HotFileKey *srcKey;
2d21ac55 829 u_int32_t *srcRec;
55e303ae
A
830
831 for (i = 0; i < srcDesc->numRecords; i++) {
3a60a9f5 832 /* Point to the start of the record we're currently checking. */
55e303ae
A
833 srcKey = (HotFileKey *)((char *)src->buffer + srcOffs[i]);
834
3a60a9f5
A
835 /*
836 * Point to start of next (larger offset) record. We'll use this
837 * to be sure the current record doesn't overflow into the next
838 * record.
839 */
840 nextRecord = (char *)src->buffer + srcOffs[i-1];
841
2d21ac55
A
842 /* Make sure there is room for the key (HotFileKey) and data (u_int32_t) */
843 if ((char *)srcKey + sizeof(HotFileKey) + sizeof(u_int32_t) > nextRecord) {
cf7d32b8
A
844 if (direction == kSwapBTNodeHostToBig) {
845 panic("hfs_swap_HFSPlusBTInternalNode: hotfile #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
846 } else {
847 printf("hfs_swap_HFSPlusBTInternalNode: hotfile #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
848 }
3a60a9f5
A
849 return fsBTInvalidNodeErr;
850 }
851
852 /* Swap and sanity check the key length field */
853 if (direction == kSwapBTNodeBigToHost)
55e303ae 854 srcKey->keyLength = SWAP_BE16 (srcKey->keyLength);
3a60a9f5 855 if (srcKey->keyLength != sizeof(*srcKey) - sizeof(srcKey->keyLength)) {
cf7d32b8
A
856 if (direction == kSwapBTNodeHostToBig) {
857 panic("hfs_swap_HFSPlusBTInternalNode: hotfile #%d incorrect keyLength %d\n", srcDesc->numRecords-i-1, srcKey->keyLength);
858 } else {
859 printf("hfs_swap_HFSPlusBTInternalNode: hotfile #%d incorrect keyLength %d\n", srcDesc->numRecords-i-1, srcKey->keyLength);
860 }
3a60a9f5
A
861 return fsBTInvalidNodeErr;
862 }
863 srcRec = (u_int32_t *)((char *)srcKey + srcKey->keyLength + sizeof(srcKey->keyLength));
864 if (direction == kSwapBTNodeHostToBig)
55e303ae
A
865 srcKey->keyLength = SWAP_BE16 (srcKey->keyLength);
866
867 /* Don't swap srcKey->forkType */
868 /* Don't swap srcKey->pad */
869
870 srcKey->temperature = SWAP_BE32 (srcKey->temperature);
871 srcKey->fileID = SWAP_BE32 (srcKey->fileID);
872
2d21ac55 873 *((u_int32_t *)srcRec) = SWAP_BE32 (*((u_int32_t *)srcRec));
55e303ae 874 }
1c79356b 875 } else {
3a60a9f5 876 panic ("hfs_swap_HFSPlusBTInternalNode: fileID %u is not a system B-tree\n", fileID);
1c79356b
A
877 }
878
55e303ae 879
1c79356b
A
880 return (0);
881}
882
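/*
 * hfs_swap_HFSBTInternalNode
 *
 * Byte-swap, in place, every record of one HFS (standard) B-tree node that
 * belongs to the extents overflow file or the catalog file.
 *
 * src        Block descriptor; src->buffer holds the node and src->blockSize
 *            its size in bytes.
 * fileID     Selects the record layout: kHFSExtentsFileID or
 *            kHFSCatalogFileID.  Any other value panics.
 * direction  kSwapBTNodeBigToHost or kSwapBTNodeHostToBig.
 *
 * Returns 0 on success, or fsBTInvalidNodeErr when a record does not fit in
 * front of the record that follows it or carries an invalid key length or
 * record type.
 *
 * Every validation failure panics when direction is kSwapBTNodeHostToBig and
 * only logs with printf before returning the error otherwise.
 * NOTE(review): presumably a bad node on the way to disk means in-memory
 * corruption while a bad node coming from disk is merely untrusted input;
 * confirm against the callers.
 *
 * NOTE(review): srcDesc->numRecords and the offset table are used as-is to
 * locate records, so they are assumed to be in host byte order and already
 * range-checked against src->blockSize by the caller; verify, because this
 * routine only checks each record against the start of the next one.
 *
 * On an error return the node may be left partially swapped.
 */
static int
hfs_swap_HFSBTInternalNode (
	BlockDescriptor *src,
	HFSCatalogNodeID fileID,
	enum HFSBTSwapDirection direction
)
{
	BTNodeDescriptor *srcDesc = src->buffer;
	/* The record offset table sits at the end of the node; srcOffs[0] is the offset of the last record. */
	u_int16_t *srcOffs = (u_int16_t *)((char *)src->buffer + (src->blockSize - (srcDesc->numRecords * sizeof (u_int16_t))));
	char *nextRecord;	/* Points to start of record following current one */

	/*
	 * i is an int32 because it needs to be negative to index the offset to free space.
	 * srcDesc->numRecords is a u_int16_t and is unlikely to become 32-bit so this should be ok.
	 */
	int32_t i;
	u_int32_t j;

	if (fileID == kHFSExtentsFileID) {
		HFSExtentKey *srcKey;
		HFSExtentDescriptor *srcRec;
		size_t recordSize;	/* Size of the data part of the record, or node number for index nodes */

		/*
		 * A leaf record holds kHFSExtentDensity extent descriptors and the
		 * swap loop below rewrites all of them, so the bounds check has to
		 * cover the whole extent record, not just its first descriptor.
		 */
		if (srcDesc->kind == kBTIndexNode)
			recordSize = sizeof(u_int32_t);
		else
			recordSize = kHFSExtentDensity * sizeof(HFSExtentDescriptor);

		for (i = 0; i < srcDesc->numRecords; i++) {
			/* Point to the start of the record we're currently checking. */
			srcKey = (HFSExtentKey *)((char *)src->buffer + srcOffs[i]);

			/*
			 * Point to start of next (larger offset) record.  We'll use this
			 * to be sure the current record doesn't overflow into the next
			 * record.  For i == 0 this reads srcOffs[-1], the offset to free
			 * space.
			 */
			nextRecord = (char *)src->buffer + srcOffs[i-1];

			/*
			 * Make sure the key and data are within the buffer.  Since both key
			 * and data are fixed size, this is relatively easy.  Note that this
			 * relies on the keyLength being a constant; we verify the keyLength
			 * below.
			 */
			if ((char *)srcKey + sizeof(HFSExtentKey) + recordSize > nextRecord) {
				if (direction == kSwapBTNodeHostToBig) {
					panic("hfs_swap_HFSBTInternalNode: extents key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
				} else {
					printf("hfs_swap_HFSBTInternalNode: extents key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
				}
				return fsBTInvalidNodeErr;
			}

			/* Don't swap srcKey->keyLength (it's only one byte), but do sanity check it */
			if (srcKey->keyLength != sizeof(*srcKey) - sizeof(srcKey->keyLength)) {
				if (direction == kSwapBTNodeHostToBig) {
					panic("hfs_swap_HFSBTInternalNode: extents key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, srcKey->keyLength);
				} else {
					printf("hfs_swap_HFSBTInternalNode: extents key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, srcKey->keyLength);
				}
				return fsBTInvalidNodeErr;
			}

			/* Don't swap srcKey->forkType; it's only one byte */

			srcKey->fileID = SWAP_BE32 (srcKey->fileID);
			srcKey->startBlock = SWAP_BE16 (srcKey->startBlock);

			/* Point to record data (round up to even byte boundary) */
			srcRec = (HFSExtentDescriptor *)((char *)srcKey + ((srcKey->keyLength + 2) & ~1));

			if (srcDesc->kind == kBTIndexNode) {
				/* For index nodes, the record data is just a child node number. */
				*((u_int32_t *)srcRec) = SWAP_BE32 (*((u_int32_t *)srcRec));
			} else {
				/* Swap the extent data */
				for (j = 0; j < kHFSExtentDensity; j++) {
					srcRec[j].startBlock = SWAP_BE16 (srcRec[j].startBlock);
					srcRec[j].blockCount = SWAP_BE16 (srcRec[j].blockCount);
				}
			}
		}

	} else if (fileID == kHFSCatalogFileID) {
		HFSCatalogKey *srcKey;
		int16_t *srcPtr;
		unsigned expectedKeyLength;

		for (i = 0; i < srcDesc->numRecords; i++) {
			/* Point to the start of the record we're currently checking. */
			srcKey = (HFSCatalogKey *)((char *)src->buffer + srcOffs[i]);

			/*
			 * Point to start of next (larger offset) record.  We'll use this
			 * to be sure the current record doesn't overflow into the next
			 * record.  For i == 0 this reads srcOffs[-1], the offset to free
			 * space.
			 */
			nextRecord = (char *)src->buffer + srcOffs[i-1];

			/*
			 * Make sure we can safely dereference the keyLength and parentID fields.
			 * The value 8 below is 1 byte for keyLength + 1 byte reserved + 4 bytes
			 * for parentID + 1 byte for nodeName's length + 1 byte to round up the
			 * record start to an even offset, which forms a minimal key.
			 */
			if ((char *)srcKey + 8 > nextRecord) {
				if (direction == kSwapBTNodeHostToBig) {
					panic("hfs_swap_HFSBTInternalNode: catalog key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
				} else {
					printf("hfs_swap_HFSBTInternalNode: catalog key #%d offset too big (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
				}
				return fsBTInvalidNodeErr;
			}

			/* Don't swap srcKey->keyLength (it's only one byte), but do sanity check it */
			if (srcKey->keyLength < kHFSCatalogKeyMinimumLength || srcKey->keyLength > kHFSCatalogKeyMaximumLength) {
				if (direction == kSwapBTNodeHostToBig) {
					panic("hfs_swap_HFSBTInternalNode: catalog key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, srcKey->keyLength);
				} else {
					printf("hfs_swap_HFSBTInternalNode: catalog key #%d invalid length (%d)\n", srcDesc->numRecords-i-1, srcKey->keyLength);
				}
				return fsBTInvalidNodeErr;
			}

			/* Don't swap srcKey->reserved */

			srcKey->parentID = SWAP_BE32 (srcKey->parentID);

			/* Don't swap srcKey->nodeName */

			/*
			 * Make sure the keyLength is big enough for the key's content.
			 * Index node keys must be at least full size; leaf keys must at
			 * least hold the name whose length byte is nodeName[0].
			 */
			if (srcDesc->kind == kBTIndexNode)
				expectedKeyLength = sizeof(*srcKey) - sizeof(srcKey->keyLength);
			else
				expectedKeyLength = srcKey->nodeName[0] + kHFSCatalogKeyMinimumLength;
			if (srcKey->keyLength < expectedKeyLength) {
				/* Report the same record number (numRecords-i-1) as every other message here. */
				if (direction == kSwapBTNodeHostToBig) {
					panic("hfs_swap_HFSBTInternalNode: catalog record #%d keyLength=%u expected=%u\n",
						srcDesc->numRecords-i-1, srcKey->keyLength, expectedKeyLength);
				} else {
					printf("hfs_swap_HFSBTInternalNode: catalog record #%d keyLength=%u expected=%u\n",
						srcDesc->numRecords-i-1, srcKey->keyLength, expectedKeyLength);
				}
				return fsBTInvalidNodeErr;
			}

			/* Point to record data (round up to even byte boundary) */
			srcPtr = (int16_t *)((char *)srcKey + ((srcKey->keyLength + 2) & ~1));

			/*
			 * Make sure that we can safely dereference the record's type field or
			 * an index node's child node number.
			 */
			if ((char *)srcPtr + sizeof(u_int32_t) > nextRecord) {
				if (direction == kSwapBTNodeHostToBig) {
					panic("hfs_swap_HFSBTInternalNode: catalog key #%d too big\n", srcDesc->numRecords-i-1);
				} else {
					printf("hfs_swap_HFSBTInternalNode: catalog key #%d too big\n", srcDesc->numRecords-i-1);
				}
				return fsBTInvalidNodeErr;
			}

			/*
			 * For index nodes, the record data is just the child's node number.
			 * Skip over swapping the various types of catalog record.
			 */
			if (srcDesc->kind == kBTIndexNode) {
				*((u_int32_t *)srcPtr) = SWAP_BE32 (*((u_int32_t *)srcPtr));
				continue;
			}

			/* Make sure the recordType is in native order before using it. */
			if (direction == kSwapBTNodeBigToHost)
				srcPtr[0] = SWAP_BE16 (srcPtr[0]);

			if (srcPtr[0] == kHFSFolderRecord) {
				HFSCatalogFolder *srcRec = (HFSCatalogFolder *)srcPtr;

				/* The whole fixed-size folder record must fit before the next record. */
				if ((char *)srcRec + sizeof(*srcRec) > nextRecord) {
					if (direction == kSwapBTNodeHostToBig) {
						panic("hfs_swap_HFSBTInternalNode: catalog folder record #%d too big\n", srcDesc->numRecords-i-1);
					} else {
						printf("hfs_swap_HFSBTInternalNode: catalog folder record #%d too big\n", srcDesc->numRecords-i-1);
					}
					return fsBTInvalidNodeErr;
				}

				srcRec->flags = SWAP_BE16 (srcRec->flags);
				srcRec->valence = SWAP_BE16 (srcRec->valence);

				srcRec->folderID = SWAP_BE32 (srcRec->folderID);
				srcRec->createDate = SWAP_BE32 (srcRec->createDate);
				srcRec->modifyDate = SWAP_BE32 (srcRec->modifyDate);
				srcRec->backupDate = SWAP_BE32 (srcRec->backupDate);

				/* Don't swap srcRec->userInfo */
				/* Don't swap srcRec->finderInfo */
				/* Don't swap reserved array */

			} else if (srcPtr[0] == kHFSFileRecord) {
				HFSCatalogFile *srcRec = (HFSCatalogFile *)srcPtr;

				/* The whole fixed-size file record must fit before the next record. */
				if ((char *)srcRec + sizeof(*srcRec) > nextRecord) {
					if (direction == kSwapBTNodeHostToBig) {
						panic("hfs_swap_HFSBTInternalNode: catalog file record #%d too big\n", srcDesc->numRecords-i-1);
					} else {
						printf("hfs_swap_HFSBTInternalNode: catalog file record #%d too big\n", srcDesc->numRecords-i-1);
					}
					return fsBTInvalidNodeErr;
				}

				/* Don't swap srcRec->flags; it's only one byte */
				/* Don't swap srcRec->fileType; it's only one byte */

				/* Don't swap srcRec->userInfo */

				srcRec->fileID = SWAP_BE32 (srcRec->fileID);

				srcRec->dataStartBlock = SWAP_BE16 (srcRec->dataStartBlock);
				srcRec->dataLogicalSize = SWAP_BE32 (srcRec->dataLogicalSize);
				srcRec->dataPhysicalSize = SWAP_BE32 (srcRec->dataPhysicalSize);

				srcRec->rsrcStartBlock = SWAP_BE16 (srcRec->rsrcStartBlock);
				srcRec->rsrcLogicalSize = SWAP_BE32 (srcRec->rsrcLogicalSize);
				srcRec->rsrcPhysicalSize = SWAP_BE32 (srcRec->rsrcPhysicalSize);

				srcRec->createDate = SWAP_BE32 (srcRec->createDate);
				srcRec->modifyDate = SWAP_BE32 (srcRec->modifyDate);
				srcRec->backupDate = SWAP_BE32 (srcRec->backupDate);

				/* Don't swap srcRec->finderInfo */

				srcRec->clumpSize = SWAP_BE16 (srcRec->clumpSize);

				/*
				 * Swap the two sets of extents (three descriptors each).  Each
				 * array is indexed within its own bounds instead of running
				 * dataExtents[] past its end into the adjacent rsrcExtents[].
				 */
				for (j = 0; j < kHFSExtentDensity; j++) {
					srcRec->dataExtents[j].startBlock = SWAP_BE16 (srcRec->dataExtents[j].startBlock);
					srcRec->dataExtents[j].blockCount = SWAP_BE16 (srcRec->dataExtents[j].blockCount);
					srcRec->rsrcExtents[j].startBlock = SWAP_BE16 (srcRec->rsrcExtents[j].startBlock);
					srcRec->rsrcExtents[j].blockCount = SWAP_BE16 (srcRec->rsrcExtents[j].blockCount);
				}

				/* Don't swap srcRec->reserved */

			} else if ((srcPtr[0] == kHFSFolderThreadRecord) ||
				(srcPtr[0] == kHFSFileThreadRecord)) {
				HFSCatalogThread *srcRec = (HFSCatalogThread *)srcPtr;

				/* Make sure there is room for parentID and name length */
				if ((char *) &srcRec->nodeName[1] > nextRecord) {
					if (direction == kSwapBTNodeHostToBig) {
						panic("hfs_swap_HFSBTInternalNode: catalog thread record #%d too big\n", srcDesc->numRecords-i-1);
					} else {
						printf("hfs_swap_HFSBTInternalNode: catalog thread record #%d too big\n", srcDesc->numRecords-i-1);
					}
					return fsBTInvalidNodeErr;
				}

				/* Don't swap srcRec->reserved array */

				srcRec->parentID = SWAP_BE32 (srcRec->parentID);

				/* Don't swap srcRec->nodeName */

				/*
				 * Make sure there is room for the name in the buffer.
				 * nodeName[0] is the length byte and the name occupies
				 * nodeName[1] .. nodeName[length], so the first byte past
				 * the name is nodeName[length + 1].
				 */
				if ((char *) &srcRec->nodeName[srcRec->nodeName[0] + 1] > nextRecord) {
					if (direction == kSwapBTNodeHostToBig) {
						panic("hfs_swap_HFSBTInternalNode: catalog thread record #%d name too big\n", srcDesc->numRecords-i-1);
					} else {
						printf("hfs_swap_HFSBTInternalNode: catalog thread record #%d name too big\n", srcDesc->numRecords-i-1);
					}
					return fsBTInvalidNodeErr;
				}
			} else {
				if (direction == kSwapBTNodeHostToBig) {
					panic("hfs_swap_HFSBTInternalNode: unrecognized catalog record type (0x%04X; record #%d)\n", srcPtr[0], srcDesc->numRecords-i-1);
				} else {
					printf("hfs_swap_HFSBTInternalNode: unrecognized catalog record type (0x%04X; record #%d)\n", srcPtr[0], srcDesc->numRecords-i-1);
				}
				return fsBTInvalidNodeErr;
			}

			/* We can swap the record type now that we're done using it */
			if (direction == kSwapBTNodeHostToBig)
				srcPtr[0] = SWAP_BE16 (srcPtr[0]);
		}

	} else {
		panic ("hfs_swap_HFSBTInternalNode: fileID %u is not a system B-tree\n", fileID);
	}

	return (0);
}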