X-Git-Url: https://wimlib.net/git/?p=wimlib;a=blobdiff_plain;f=src%2Fntfs-3g_apply.c;h=ccfd6fde54703b4531c7d3205d19987517f79c95;hp=5833d0419616e1bf53920d9ebb11c4bd2d14d3c9;hb=51df3b63c594a7e35446d2e2e19637e54240b0b2;hpb=3de1ec66f778edda19865482d685bc6f4e17faf7 diff --git a/src/ntfs-3g_apply.c b/src/ntfs-3g_apply.c index 5833d041..ccfd6fde 100644 --- a/src/ntfs-3g_apply.c +++ b/src/ntfs-3g_apply.c @@ -30,6 +30,7 @@ # include "config.h" #endif +#include #include #include @@ -110,31 +111,29 @@ sid_size(const wimlib_SID *sid) * moving the empty SACL earlier in the security descriptor or by removing the * SACL entirely. The latter work-around is valid because an empty SACL is * equivalent to a "null", or non-existent, SACL. - * - Versions up to and including 2013.1.13 reject security descriptors ending - * with an empty DACL (Discretionary Access Control List). This is very - * similar to the SACL bug and should be fixed in the next release after - * 2013.1.13. However, removing the DACL is not a valid workaround because - * this changes the meaning of the security descriptor--- an empty DACL allows - * no access, whereas a "null" DACL allows all access. + * - Versions before 2014.2.15 reject security descriptors ending with an empty + * DACL (Discretionary Access Control List). This is very similar to the SACL + * bug. However, removing the DACL is not a valid workaround because this + * changes the meaning of the security descriptor--- an empty DACL allows no + * access, whereas a "null" DACL allows all access. * * If the security descriptor was fixed, this function returns an allocated * buffer containing the fixed security descriptor, and its size is updated. - * Otherwise (or if no memory is available) the original descriptor is returned. + * Otherwise (or if no memory is available) NULL is returned. */ -static u8 * -sd_fixup(const u8 *_desc, size_t *size_p) +static void * +sd_fixup(const void *_desc, size_t *size_p) { u32 owner_offset, group_offset, dacl_offset, sacl_offset; bool owner_valid, group_valid; size_t size = *size_p; - const wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc = - (const wimlib_SECURITY_DESCRIPTOR_RELATIVE*)_desc; + const wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc = _desc; wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc_new; const wimlib_SID *owner, *group, *sid; /* Don't attempt to fix clearly invalid security descriptors. */ if (size < sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE)) - return (u8*)_desc; + return NULL; if (le16_to_cpu(desc->control) & wimlib_SE_DACL_PRESENT) dacl_offset = le32_to_cpu(desc->dacl_offset); @@ -147,16 +146,10 @@ sd_fixup(const u8 *_desc, size_t *size_p) sacl_offset = 0; /* Check if the security descriptor will be affected by one of the bugs. - * If not, do nothing and return. - * - * Note: HAVE_NTFS_MNT_RDONLY is defined if libntfs-3g is - * version 2013.1.13 or later. */ - if (!( - #if !defined(HAVE_NTFS_MNT_RDONLY) - (sacl_offset != 0 && sacl_offset == size - sizeof(wimlib_ACL)) || - #endif - (dacl_offset != 0 && dacl_offset == size - sizeof(wimlib_ACL)))) - return (u8*)_desc; + * If not, do nothing and return. */ + if (!((sacl_offset != 0 && sacl_offset == size - sizeof(wimlib_ACL)) || + (dacl_offset != 0 && dacl_offset == size - sizeof(wimlib_ACL)))) + return NULL; owner_offset = le32_to_cpu(desc->owner_offset); group_offset = le32_to_cpu(desc->group_offset); @@ -181,12 +174,12 @@ sd_fixup(const u8 *_desc, size_t *size_p) } else if (group_valid) { sid = group; } else { - return (u8*)_desc; + return NULL; } desc_new = MALLOC(size + sid_size(sid)); if (!desc_new) - return (u8*)_desc; + return NULL; memcpy(desc_new, desc, size); if (owner_valid) @@ -195,7 +188,7 @@ sd_fixup(const u8 *_desc, size_t *size_p) desc_new->group_offset = cpu_to_le32(size); memcpy((u8*)desc_new + size, sid, sid_size(sid)); *size_p = size + sid_size(sid); - return (u8*)desc_new; + return desc_new; } /* Set the security descriptor @desc of size @desc_size on the NTFS inode @ni. @@ -204,20 +197,25 @@ static int ntfs_3g_set_security_descriptor(ntfs_inode *ni, const void *desc, size_t desc_size) { struct SECURITY_CONTEXT sec_ctx; - u8 *desc_fixed; + void *desc_fixed = NULL; int ret = 0; memset(&sec_ctx, 0, sizeof(sec_ctx)); sec_ctx.vol = ni->vol; - desc_fixed = sd_fixup(desc, &desc_size); - - if (ntfs_set_ntfs_acl(&sec_ctx, ni, desc_fixed, desc_size, 0)) +retry: + if (ntfs_set_ntfs_acl(&sec_ctx, ni, desc, desc_size, 0)) { + if (desc_fixed == NULL) { + desc_fixed = sd_fixup(desc, &desc_size); + if (desc_fixed != NULL) { + desc = desc_fixed; + goto retry; + } + } ret = WIMLIB_ERR_SET_SECURITY; + } - if (desc_fixed != desc) - FREE(desc_fixed); - + FREE(desc_fixed); return ret; } @@ -275,7 +273,7 @@ ntfs_3g_restore_dos_name(ntfs_inode *ni, ntfs_inode *dir_ni, * UTF-16LE internally... which is annoying because we currently have * the UTF-16LE string but not the multibyte string. */ - ret = utf16le_get_tstr(dentry->short_name, dentry->short_name_nbytes, + ret = utf16le_get_tstr(dentry->d_short_name, dentry->d_short_name_nbytes, &dos_name, &dos_name_nbytes); if (ret) goto out_close; @@ -315,33 +313,84 @@ out_close: return ret; } +static int +ntfs_3g_restore_reparse_point(ntfs_inode *ni, const struct wim_inode *inode, + unsigned blob_size, struct ntfs_3g_apply_ctx *ctx) +{ + complete_reparse_point(&ctx->rpbuf, inode, blob_size); + + if (ntfs_set_ntfs_reparse_data(ni, (const char *)&ctx->rpbuf, + REPARSE_DATA_OFFSET + blob_size, 0)) + { + int err = errno; + ERROR_WITH_ERRNO("Failed to set reparse data on \"%s\"", + dentry_full_path( + inode_first_extraction_dentry(inode))); + if (err == EINVAL && !(inode->i_reparse_tag & 0x80000000)) { + WARNING("This reparse point had a non-Microsoft reparse " + "tag. The preceding error may have been caused " + "by a known bug in libntfs-3g where it does not " + "correctly validate non-Microsoft reparse " + "points. This bug may be fixed in the 2016 " + "release of libntfs-3g."); + } + return WIMLIB_ERR_SET_REPARSE_DATA; + } + + return 0; +} + +static bool +ntfs_3g_has_empty_attributes(const struct wim_inode *inode) +{ + for (unsigned i = 0; i < inode->i_num_streams; i++) { + const struct wim_inode_stream *strm = &inode->i_streams[i]; + + if (stream_blob_resolved(strm) == NULL && + (strm->stream_type == STREAM_TYPE_REPARSE_POINT || + stream_is_named_data_stream(strm))) + return true; + } + return false; +} + /* - * Create empty named data streams for the specified file, if there are any. + * Create empty attributes (named data streams and potentially a reparse point) + * for the specified file, if there are any. * * Since these won't have blob descriptors, they won't show up in the call to * extract_blob_list(). Hence the need for the special case. + * + * Keep this in sync with ntfs_3g_has_empty_attributes()! */ static int -ntfs_3g_create_empty_named_data_streams(ntfs_inode *ni, - const struct wim_inode *inode, - const struct ntfs_3g_apply_ctx *ctx) +ntfs_3g_create_empty_attributes(ntfs_inode *ni, + const struct wim_inode *inode, + struct ntfs_3g_apply_ctx *ctx) { for (unsigned i = 0; i < inode->i_num_streams; i++) { const struct wim_inode_stream *strm = &inode->i_streams[i]; + int ret; - if (!stream_is_named_data_stream(strm) || - stream_blob_resolved(strm) != NULL) + if (stream_blob_resolved(strm) != NULL) continue; - if (ntfs_attr_add(ni, AT_DATA, strm->stream_name, - utf16le_len_chars(strm->stream_name), - NULL, 0)) - { - ERROR_WITH_ERRNO("Failed to create named data stream " - "of \"%s\"", dentry_full_path( - inode_first_extraction_dentry(inode))); - return WIMLIB_ERR_NTFS_3G; + if (strm->stream_type == STREAM_TYPE_REPARSE_POINT) { + ret = ntfs_3g_restore_reparse_point(ni, inode, 0, ctx); + if (ret) + return ret; + } else if (stream_is_named_data_stream(strm)) { + if (ntfs_attr_add(ni, AT_DATA, strm->stream_name, + utf16le_len_chars(strm->stream_name), + NULL, 0)) + { + ERROR_WITH_ERRNO("Failed to create named data " + "stream of \"%s\"", + dentry_full_path( + inode_first_extraction_dentry(inode))); + return WIMLIB_ERR_NTFS_3G; + } } } return 0; @@ -380,7 +429,7 @@ ntfs_3g_set_metadata(ntfs_inode *ni, const struct wim_inode *inode, } /* Security descriptor */ - if ((inode->i_security_id >= 0) + if (inode_has_security_descriptor(inode) && !(extract_flags & WIMLIB_EXTRACT_FLAG_NO_ACLS)) { const void *desc; @@ -390,15 +439,24 @@ ntfs_3g_set_metadata(ntfs_inode *ni, const struct wim_inode *inode, desc_size = sd->sizes[inode->i_security_id]; ret = ntfs_3g_set_security_descriptor(ni, desc, desc_size); - if (ret) { - if (wimlib_print_errors) { - ERROR_WITH_ERRNO("Failed to set security descriptor " - "on \"%s\" in NTFS volume", - dentry_full_path(one_dentry)); + + if (unlikely(ret)) { + int err = errno; + ERROR_WITH_ERRNO("Failed to set security descriptor on " + "\"%s\" in NTFS volume", + dentry_full_path(one_dentry)); + if (err == EINVAL && wimlib_print_errors) { fprintf(wimlib_error_file, "The security descriptor is: "); print_byte_field(desc, desc_size, wimlib_error_file); fprintf(wimlib_error_file, "\n"); + fprintf(wimlib_error_file, + "\nThis error occurred because libntfs-3g thinks " + "the security descriptor is invalid. If you " + "are extracting a Windows 10 image, this may be " + "caused by a known bug in libntfs-3g. See: " + "https://wimlib.net/forums/viewtopic.php?f=1&t=4 " + "for more information.\n\n"); } return ret; } @@ -445,8 +503,6 @@ ntfs_3g_create_dirs_recursive(ntfs_inode *dir_ni, struct wim_dentry *dir, ret = report_file_created(&ctx->common); if (!ret) ret = ntfs_3g_set_metadata(ni, child->d_inode, ctx); - if (!ret) - ret = ntfs_3g_create_empty_named_data_streams(ni, child->d_inode, ctx); if (!ret) ret = ntfs_3g_create_dirs_recursive(ni, child, ctx); @@ -482,7 +538,9 @@ ntfs_3g_create_directories(struct wim_dentry *root, root->d_inode->i_mft_no = FILE_root; - ret = ntfs_3g_create_dirs_recursive(root_ni, root, ctx); + ret = ntfs_3g_set_metadata(root_ni, root->d_inode, ctx); + if (!ret) + ret = ntfs_3g_create_dirs_recursive(root_ni, root, ctx); if (ntfs_inode_close(root_ni) && !ret) { ERROR_WITH_ERRNO("Error closing root of NTFS volume"); @@ -491,18 +549,44 @@ ntfs_3g_create_directories(struct wim_dentry *root, if (ret) return ret; - /* Set the DOS name of any directory that has one. */ + /* Set the DOS name of any directory that has one. In addition, create + * empty attributes for directories that have them. Note that creating + * an empty reparse point attribute must happen *after* setting the + * DOS name in order to work around a case where + * ntfs_set_ntfs_dos_name() fails with EOPNOTSUPP. */ list_for_each_entry(dentry, dentry_list, d_extraction_list_node) { - if (!(dentry->d_inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY)) - continue; - if (!dentry_has_short_name(dentry)) + const struct wim_inode *inode = dentry->d_inode; + + if (!(inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY)) continue; - ret = ntfs_3g_restore_dos_name(NULL, NULL, dentry, ctx->vol); - if (ret) - return ret; - ret = report_file_created(&ctx->common); - if (ret) - return ret; + if (dentry_has_short_name(dentry)) { + ret = ntfs_3g_restore_dos_name(NULL, NULL, dentry, + ctx->vol); + if (ret) + return ret; + ret = report_file_created(&ctx->common); + if (ret) + return ret; + } + if (ntfs_3g_has_empty_attributes(inode)) { + ntfs_inode *ni; + + ret = WIMLIB_ERR_NTFS_3G; + ni = ntfs_inode_open(ctx->vol, inode->i_mft_no); + if (ni) { + ret = ntfs_3g_create_empty_attributes(ni, inode, + ctx); + if (ntfs_inode_close(ni) && !ret) + ret = WIMLIB_ERR_NTFS_3G; + } + if (ret) { + ERROR_WITH_ERRNO("Failed to create empty " + "attributes of directory " + "\"%s\" in NTFS volume", + dentry_full_path(dentry)); + return ret; + } + } } return 0; } @@ -513,17 +597,12 @@ ntfs_3g_create_directories(struct wim_dentry *root, static struct wim_dentry * ntfs_3g_first_extraction_alias(struct wim_inode *inode) { - struct list_head *next = inode->i_extraction_aliases.next; struct wim_dentry *dentry; - do { - dentry = list_entry(next, struct wim_dentry, - d_extraction_alias_node); + inode_for_each_extraction_alias(dentry, inode) if (dentry_has_short_name(dentry)) - break; - next = next->next; - } while (next != &inode->i_extraction_aliases); - return dentry; + return dentry; + return inode_first_extraction_dentry(inode); } /* @@ -563,12 +642,11 @@ fail: static int ntfs_3g_create_nondirectory(struct wim_inode *inode, - const struct ntfs_3g_apply_ctx *ctx) + struct ntfs_3g_apply_ctx *ctx) { struct wim_dentry *first_dentry; ntfs_inode *dir_ni; ntfs_inode *ni; - struct list_head *next; struct wim_dentry *dentry; int ret; @@ -624,24 +702,20 @@ ntfs_3g_create_nondirectory(struct wim_inode *inode, } /* Create additional links if present. */ - next = inode->i_extraction_aliases.next; - do { - dentry = list_entry(next, struct wim_dentry, - d_extraction_alias_node); + inode_for_each_extraction_alias(dentry, inode) { if (dentry != first_dentry) { ret = ntfs_3g_add_link(ni, dentry); if (ret) goto out_close_ni; } - next = next->next; - } while (next != &inode->i_extraction_aliases); + } /* Set metadata. */ ret = ntfs_3g_set_metadata(ni, inode, ctx); if (ret) goto out_close_ni; - ret = ntfs_3g_create_empty_named_data_streams(ni, inode, ctx); + ret = ntfs_3g_create_empty_attributes(ni, inode, ctx); out_close_ni: /* Close the inode. */ @@ -689,6 +763,7 @@ ntfs_3g_begin_extract_blob_instance(struct blob_descriptor *blob, struct ntfs_3g_apply_ctx *ctx) { struct wim_dentry *one_dentry = inode_first_extraction_dentry(inode); + ntfschar *stream_name; size_t stream_name_nchars; ntfs_attr *attr; @@ -702,8 +777,6 @@ ntfs_3g_begin_extract_blob_instance(struct blob_descriptor *blob, return WIMLIB_ERR_INVALID_REPARSE_DATA; } ctx->reparse_ptr = ctx->rpbuf.rpdata; - ctx->rpbuf.rpdatalen = cpu_to_le16(blob->size); - ctx->rpbuf.rpreserved = cpu_to_le16(0); ctx->ntfs_reparse_inodes[ctx->num_reparse_inodes] = ni; ctx->wim_reparse_inodes[ctx->num_reparse_inodes] = inode; ctx->num_reparse_inodes++; @@ -713,22 +786,29 @@ ntfs_3g_begin_extract_blob_instance(struct blob_descriptor *blob, /* It's a data stream (may be unnamed or named). */ wimlib_assert(strm->stream_type == STREAM_TYPE_DATA); - stream_name_nchars = utf16le_len_chars(strm->stream_name); + if (unlikely(stream_is_named(strm))) { + stream_name = strm->stream_name; + stream_name_nchars = utf16le_len_chars(stream_name); - if (stream_name_nchars && - (ntfs_attr_add(ni, AT_DATA, strm->stream_name, - stream_name_nchars, NULL, 0))) - { - ERROR_WITH_ERRNO("Failed to create named data stream of \"%s\"", - dentry_full_path(one_dentry)); - return WIMLIB_ERR_NTFS_3G; + if (ntfs_attr_add(ni, AT_DATA, stream_name, + stream_name_nchars, NULL, 0)) + { + ERROR_WITH_ERRNO("Failed to create named data stream of \"%s\"", + dentry_full_path(one_dentry)); + return WIMLIB_ERR_NTFS_3G; + } + } else { + /* Don't pass an empty string other than AT_UNNAMED to + * ntfs_attr_open() --- it violates assumptions made by + * libntfs-3g. */ + stream_name = AT_UNNAMED; + stream_name_nchars = 0; } /* This should be ensured by extract_blob_list() */ wimlib_assert(ctx->num_open_attrs < MAX_OPEN_FILES); - attr = ntfs_attr_open(ni, AT_DATA, strm->stream_name, - stream_name_nchars); + attr = ntfs_attr_open(ni, AT_DATA, stream_name, stream_name_nchars); if (!attr) { ERROR_WITH_ERRNO("Failed to open data stream of \"%s\"", dentry_full_path(one_dentry)); @@ -767,28 +847,27 @@ ntfs_3g_cleanup_blob_extract(struct ntfs_3g_apply_ctx *ctx) static ntfs_inode * ntfs_3g_open_inode(struct wim_inode *inode, struct ntfs_3g_apply_ctx *ctx) { - ntfs_inode *ni = NULL; + ntfs_inode *ni; - if (inode->i_visited) { - for (u32 i = 0; i < ctx->num_open_inodes; i++) { + /* If the same blob is being extracted to multiple streams of the same + * inode, then we must only open the inode once. */ + if (unlikely(inode->i_num_streams > 1)) { + for (unsigned i = 0; i < ctx->num_open_inodes; i++) { if (ctx->open_inodes[i]->mft_no == inode->i_mft_no) { - ni = ctx->open_inodes[i]; - break; + return ctx->open_inodes[i]; } } } - if (!ni) { - ni = ntfs_inode_open(ctx->vol, inode->i_mft_no); - ctx->open_inodes[ctx->num_open_inodes++] = ni; - inode->i_visited = 1; - } - if (!ni) { + ni = ntfs_inode_open(ctx->vol, inode->i_mft_no); + if (unlikely(!ni)) { ERROR_WITH_ERRNO("Can't open \"%s\" in NTFS volume", dentry_full_path( inode_first_extraction_dentry(inode))); return NULL; } + + ctx->open_inodes[ctx->num_open_inodes++] = ni; return ni; } @@ -818,21 +897,38 @@ ntfs_3g_begin_extract_blob(struct blob_descriptor *blob, void *_ctx) out_cleanup: ntfs_3g_cleanup_blob_extract(ctx); out: - for (u32 i = 0; i < blob->out_refcnt; i++) - targets[i].inode->i_visited = 0; return ret; } +/* Note: contrary to its documentation, ntfs_attr_pwrite() can return a short + * count in non-error cases --- specifically, when writing to a compressed + * attribute and the requested count exceeds the size of an NTFS "compression + * block". Therefore, we must continue calling ntfs_attr_pwrite() until all + * bytes have been written or a real error has occurred. */ +static bool +ntfs_3g_full_pwrite(ntfs_attr *na, u64 offset, size_t size, const u8 *data) +{ + while (size) { + s64 res = ntfs_attr_pwrite(na, offset, size, data); + if (unlikely(res <= 0)) + return false; + wimlib_assert(res <= size); + offset += res; + size -= res; + data += res; + } + return true; +} + static int ntfs_3g_extract_chunk(const void *chunk, size_t size, void *_ctx) { struct ntfs_3g_apply_ctx *ctx = _ctx; - s64 res; for (unsigned i = 0; i < ctx->num_open_attrs; i++) { - res = ntfs_attr_pwrite(ctx->open_attrs[i], - ctx->offset, size, chunk); - if (res != size) { + if (!ntfs_3g_full_pwrite(ctx->open_attrs[i], + ctx->offset, size, chunk)) + { ERROR_WITH_ERRNO("Error writing data to NTFS volume"); return WIMLIB_ERR_NTFS_3G; } @@ -855,22 +951,11 @@ ntfs_3g_end_extract_blob(struct blob_descriptor *blob, int status, void *_ctx) } for (u32 i = 0; i < ctx->num_reparse_inodes; i++) { - struct wim_inode *inode = ctx->wim_reparse_inodes[i]; - - ctx->rpbuf.rptag = cpu_to_le32(inode->i_reparse_tag); - - if (ntfs_set_ntfs_reparse_data(ctx->ntfs_reparse_inodes[i], - (const char *)&ctx->rpbuf, - blob->size + REPARSE_DATA_OFFSET, - 0)) - { - ERROR_WITH_ERRNO("Failed to set reparse " - "data on \"%s\"", - dentry_full_path( - inode_first_extraction_dentry(inode))); - ret = WIMLIB_ERR_NTFS_3G; + ret = ntfs_3g_restore_reparse_point(ctx->ntfs_reparse_inodes[i], + ctx->wim_reparse_inodes[i], + blob->size, ctx); + if (ret) goto out; - } } ret = 0; out: @@ -881,11 +966,11 @@ out: return ret; } -static uint64_t +static u64 ntfs_3g_count_dentries(const struct list_head *dentry_list) { const struct wim_dentry *dentry; - uint64_t count = 0; + u64 count = 0; list_for_each_entry(dentry, dentry_list, d_extraction_list_node) { count++; @@ -942,13 +1027,11 @@ ntfs_3g_extract(struct list_head *dentry_list, struct apply_ctx *_ctx) goto out_unmount; /* Extract blobs. */ - struct read_blob_list_callbacks cbs = { - .begin_blob = ntfs_3g_begin_extract_blob, - .begin_blob_ctx = ctx, - .consume_chunk = ntfs_3g_extract_chunk, - .consume_chunk_ctx = ctx, - .end_blob = ntfs_3g_end_extract_blob, - .end_blob_ctx = ctx, + struct read_blob_callbacks cbs = { + .begin_blob = ntfs_3g_begin_extract_blob, + .consume_chunk = ntfs_3g_extract_chunk, + .end_blob = ntfs_3g_end_extract_blob, + .ctx = ctx, }; ret = extract_blob_list(&ctx->common, &cbs);