|
|
/*++
Copyright (c) 1991 Microsoft Corporation
Module Name:
CheckSup.c
Abstract:
This module implements check routines for Ntfs structures.
Author:
Tom Miller [TomM] 14-4-92
Revision History:
--*/
#include "NtfsProc.h"
//
// Array for log records which require a target attribute.
// A TRUE indicates that the corresponding restart operation
// requires a target attribute.
//
BOOLEAN TargetAttributeRequired[] = {FALSE, FALSE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, FALSE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, TRUE, FALSE, FALSE, FALSE, FALSE, TRUE, FALSE, FALSE, FALSE, FALSE, TRUE, TRUE };
//
// Local procedure prototypes
//
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE, NtfsCheckAttributeRecord)
#pragma alloc_text(PAGE, NtfsCheckFileRecord)
#pragma alloc_text(PAGE, NtfsCheckIndexBuffer)
#pragma alloc_text(PAGE, NtfsCheckIndexHeader)
#pragma alloc_text(PAGE, NtfsCheckIndexRoot)
#pragma alloc_text(PAGE, NtfsCheckLogRecord)
#pragma alloc_text(PAGE, NtfsCheckRestartTable)
#endif
�BOOLEANNtfsCheckFileRecord ( IN PVCB Vcb, IN PFILE_RECORD_SEGMENT_HEADER FileRecord, IN PFILE_REFERENCE FileReference OPTIONAL, OUT PULONG CorruptionHint )
/*++
Routine Description:
Consistency check for file records.
Arguments:
Vcb - the vcb it belongs to
FileRecord - the filerecord to check
FileReference - if specified double check the sequence number and self ref. fileref against it
CorruptionHint - hint for debugging on where corruption occured;
Return Value:
FALSE - if the file record is not valid TRUE - if it is
--*/{ PATTRIBUTE_RECORD_HEADER Attribute; PFILE_RECORD_SEGMENT_HEADER EndOfFileRecord; ULONG BytesPerFileRecordSegment = Vcb->BytesPerFileRecordSegment; BOOLEAN StandardInformationSeen = FALSE; ULONG BytesInOldHeader;
PAGED_CODE();
*CorruptionHint = 0;
EndOfFileRecord = Add2Ptr( FileRecord, BytesPerFileRecordSegment );
//
// Check the file record header for consistency.
//
if ((*(PULONG)FileRecord->MultiSectorHeader.Signature != *(PULONG)FileSignature)
||
((ULONG)FileRecord->MultiSectorHeader.UpdateSequenceArrayOffset > (SEQUENCE_NUMBER_STRIDE - (PAGE_SIZE / SEQUENCE_NUMBER_STRIDE + 1) * sizeof(USHORT)))
||
((ULONG)((FileRecord->MultiSectorHeader.UpdateSequenceArraySize - 1) * SEQUENCE_NUMBER_STRIDE) != BytesPerFileRecordSegment)
||
!FlagOn(FileRecord->Flags, FILE_RECORD_SEGMENT_IN_USE)) {
DebugTrace( 0, 0, ("Invalid file record: %08lx\n", FileRecord) );
*CorruptionHint = 1; ASSERTMSG( "Invalid resident file record\n", FALSE ); return FALSE; }
BytesInOldHeader = QuadAlign( sizeof( FILE_RECORD_SEGMENT_HEADER_V0 ) + (UpdateSequenceArraySize( BytesPerFileRecordSegment ) - 1) * sizeof( USHORT ));
//
// Offset bounds checks
//
if ((FileRecord->FirstFreeByte > BytesPerFileRecordSegment) || (FileRecord->FirstFreeByte < BytesInOldHeader) ||
(FileRecord->BytesAvailable != BytesPerFileRecordSegment) ||
(((ULONG)FileRecord->FirstAttributeOffset < BytesInOldHeader) || ((ULONG)FileRecord->FirstAttributeOffset > BytesPerFileRecordSegment - SIZEOF_RESIDENT_ATTRIBUTE_HEADER)) ||
(!IsQuadAligned( FileRecord->FirstAttributeOffset ))) {
*CorruptionHint = 2; ASSERTMSG( "Out of bound offset in frs\n", FALSE ); return FALSE; }
//
// Optional fileref number check
//
if (ARGUMENT_PRESENT( FileReference )) {
if ((FileReference->SequenceNumber != FileRecord->SequenceNumber) || ((FileRecord->FirstAttributeOffset > BytesInOldHeader) && ((FileRecord->SegmentNumberHighPart != FileReference->SegmentNumberHighPart) || (FileRecord->SegmentNumberLowPart != FileReference->SegmentNumberLowPart)))) {
*CorruptionHint = 3; ASSERTMSG( "Filerecord fileref doesn't match expected value\n", FALSE ); return FALSE; } }
//
// Loop to check all of the attributes.
//
for (Attribute = NtfsFirstAttribute(FileRecord); Attribute->TypeCode != $END; Attribute = NtfsGetNextRecord(Attribute)) {
// if (!StandardInformationSeen &&
// (Attribute->TypeCode != $STANDARD_INFORMATION) &&
// XxEqlZero(FileRecord->BaseFileRecordSegment)) {
//
// DebugTrace( 0, 0, ("Standard Information missing: %08lx\n", Attribute) );
//
// ASSERTMSG( "Standard Information missing\n", FALSE );
// return FALSE;
// }
StandardInformationSeen = TRUE;
if (!NtfsCheckAttributeRecord( Vcb, FileRecord, Attribute, FALSE, CorruptionHint )) {
return FALSE; } } return TRUE;}
�BOOLEANNtfsCheckAttributeRecord ( IN PVCB Vcb, IN PFILE_RECORD_SEGMENT_HEADER FileRecord, IN PATTRIBUTE_RECORD_HEADER Attribute, IN ULONG CheckHeaderOnly, IN PULONG CorruptionHint )
{ PVOID NextAttribute; PVOID EndOfFileRecord; PVOID FirstFreeByte; PVOID Data; ULONG Length; ULONG BytesPerFileRecordSegment = Vcb->BytesPerFileRecordSegment;
PAGED_CODE();
EndOfFileRecord = Add2Ptr( FileRecord, BytesPerFileRecordSegment ); FirstFreeByte = Add2Ptr( FileRecord, FileRecord->FirstFreeByte );
//
// Do an alignment check before creating a ptr based on this value
//
if (!IsQuadAligned( Attribute->RecordLength )) {
*CorruptionHint = Attribute->TypeCode + 0xc; ASSERTMSG( "Misaligned attribute length\n", FALSE ); return FALSE; }
NextAttribute = NtfsGetNextRecord(Attribute);
//
// Check the fixed part of the attribute record header.
//
if ((Attribute->RecordLength >= BytesPerFileRecordSegment)
||
(NextAttribute >= EndOfFileRecord)
||
(FlagOn(Attribute->NameOffset, 1) != 0)
||
((Attribute->NameLength != 0) && (((ULONG)Attribute->NameOffset + (ULONG)Attribute->NameLength) > Attribute->RecordLength))) {
DebugTrace( 0, 0, ("Invalid attribute record header: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 1; ASSERTMSG( "Invalid attribute record header\n", FALSE ); return FALSE; }
if (NextAttribute > FirstFreeByte) { *CorruptionHint = Attribute->TypeCode + 2; ASSERTMSG( "Attributes beyond first free byte\n", FALSE ); return FALSE; }
//
// Check the resident attribute fields.
//
if (Attribute->FormCode == RESIDENT_FORM) {
if ((Attribute->Form.Resident.ValueLength >= Attribute->RecordLength) ||
(((ULONG)Attribute->Form.Resident.ValueOffset + Attribute->Form.Resident.ValueLength) > Attribute->RecordLength) ||
(!IsQuadAligned( Attribute->Form.Resident.ValueOffset ))) {
DebugTrace( 0, 0, ("Invalid resident attribute record header: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 3; ASSERTMSG( "Invalid resident attribute record header\n", FALSE ); return FALSE; }
//
// Check the nonresident attribute fields
//
} else if (Attribute->FormCode == NONRESIDENT_FORM) {
VCN CurrentVcn, NextVcn; LCN CurrentLcn; LONGLONG Change; PCHAR ch; ULONG VcnBytes; ULONG LcnBytes;
if ((Attribute->Form.Nonresident.LowestVcn > (Attribute->Form.Nonresident.HighestVcn + 1))
||
((ULONG)Attribute->Form.Nonresident.MappingPairsOffset >= Attribute->RecordLength)
||
(Attribute->Form.Nonresident.ValidDataLength < 0) || (Attribute->Form.Nonresident.FileSize < 0) || (Attribute->Form.Nonresident.AllocatedLength < 0)
||
(Attribute->Form.Nonresident.ValidDataLength > Attribute->Form.Nonresident.FileSize)
||
(Attribute->Form.Nonresident.FileSize > Attribute->Form.Nonresident.AllocatedLength)) {
DebugTrace( 0, 0, ("Invalid nonresident attribute record header: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 4; ASSERTMSG( "Invalid nonresident attribute record header\n", FALSE ); return FALSE; }
if (CheckHeaderOnly) { return TRUE; }
//
// Implement the decompression algorithm, as defined in ntfs.h.
// (This code should look remarkably similar to what goes on in
// NtfsLookupAllocation!)
//
NextVcn = Attribute->Form.Nonresident.LowestVcn; CurrentLcn = 0; ch = (PCHAR)Attribute + Attribute->Form.Nonresident.MappingPairsOffset;
//
// Loop to process mapping pairs, insuring we do not run off the end
// of the attribute, and that we do not map to nonexistant Lcns.
//
while (!IsCharZero(*ch)) {
//
// Set Current Vcn from initial value or last pass through loop.
//
CurrentVcn = NextVcn;
//
// Extract the counts from the two nibbles of this byte.
//
VcnBytes = *ch & 0xF; LcnBytes = *ch++ >> 4;
//
// Neither of these should be larger than a VCN.
//
if ((VcnBytes > sizeof( VCN )) || (LcnBytes > sizeof( VCN ))) {
DebugTrace( 0, 0, ("Invalid maping pair byte count: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 5; ASSERTMSG( "Invalid maping pair byte count\n", FALSE ); return FALSE; }
//
// Extract the Vcn change (use of RtlCopyMemory works for little-Endian)
// and update NextVcn.
//
Change = 0;
//
// Make sure we are not going beyond the end of the attribute
// record, and that the Vcn change is not negative or zero.
//
if (((ULONG_PTR)(ch + VcnBytes + LcnBytes + 1) > (ULONG_PTR)NextAttribute)
||
IsCharLtrZero(*(ch + VcnBytes - 1))) {
DebugTrace( 0, 0, ("Invalid maping pairs array: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 6; ASSERTMSG( "Invalid maping pairs array\n", FALSE ); return FALSE; }
RtlCopyMemory( &Change, ch, VcnBytes ); ch += VcnBytes; NextVcn = NextVcn + Change;
//
// Extract the Lcn change and update CurrentLcn.
//
Change = 0; if (IsCharLtrZero(*(ch + LcnBytes - 1))) { Change = Change - 1; } RtlCopyMemory( &Change, ch, LcnBytes ); ch += LcnBytes; CurrentLcn = CurrentLcn + Change;
if ((LcnBytes != 0) && ((CurrentLcn + (NextVcn - CurrentVcn) - 1) > Vcb->TotalClusters)) {
DebugTrace( 0, 0, ("Invalid Lcn: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 7; ASSERTMSG( "Invalid Lcn\n", FALSE ); return FALSE; } }
//
// Finally, check HighestVcn.
//
if (NextVcn != (Attribute->Form.Nonresident.HighestVcn + 1)) {
DebugTrace( 0, 0, ("Disagreement with mapping pairs: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 8; ASSERTMSG( "Disagreement with mapping pairs\n", FALSE ); return FALSE; }
} else {
DebugTrace( 0, 0, ("Invalid attribute form code: %08lx\n", Attribute) );
ASSERTMSG( "Invalid attribute form code\n", FALSE ); return FALSE; }
//
// Now check the attributes by type code, if they are resident. Not all
// attributes require specific checks (such as $STANDARD_INFORMATION and $DATA).
//
if (CheckHeaderOnly || !NtfsIsAttributeResident( Attribute )) {
return TRUE; }
Data = NtfsAttributeValue(Attribute); Length = Attribute->Form.Resident.ValueLength;
switch (Attribute->TypeCode) {
case $FILE_NAME:
{ if ((ULONG)((PFILE_NAME)Data)->FileNameLength * sizeof( WCHAR ) > (Length - (ULONG)sizeof(FILE_NAME) + sizeof( WCHAR ))) {
DebugTrace( 0, 0, ("Invalid File Name attribute: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 9; ASSERTMSG( "Invalid File Name attribute\n", FALSE ); return FALSE; } break; }
case $INDEX_ROOT:
{ return NtfsCheckIndexRoot( Vcb, (PINDEX_ROOT)Data, Length ); }
case $STANDARD_INFORMATION:
{ if (Length < sizeof( STANDARD_INFORMATION ) && Length != SIZEOF_OLD_STANDARD_INFORMATION) { DebugTrace( 0, 0, ("Invalid Standard Information attribute: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 0xa; ASSERTMSG( "Invalid Standard Information attribute size\n", FALSE ); return FALSE; }
break; }
case $ATTRIBUTE_LIST: case $OBJECT_ID: case $SECURITY_DESCRIPTOR: case $VOLUME_NAME: case $VOLUME_INFORMATION: case $DATA: case $INDEX_ALLOCATION: case $BITMAP: case $REPARSE_POINT: case $EA_INFORMATION: case $EA: case $LOGGED_UTILITY_STREAM:
break;
default:
{ DebugTrace( 0, 0, ("Bad Attribute type code: %08lx\n", Attribute) );
*CorruptionHint = Attribute->TypeCode + 0xb; ASSERTMSG( "Bad Attribute type code\n", FALSE ); return FALSE; } } return TRUE;}
�BOOLEANNtfsCheckIndexRoot ( IN PVCB Vcb, IN PINDEX_ROOT IndexRoot, IN ULONG AttributeSize )
{ UCHAR ShiftValue; PAGED_CODE();
//
// Check whether this index root uses clusters or if the cluster size is larger than
// the index block.
//
if (IndexRoot->BytesPerIndexBuffer >= Vcb->BytesPerCluster) {
ShiftValue = (UCHAR) Vcb->ClusterShift;
} else {
ShiftValue = DEFAULT_INDEX_BLOCK_BYTE_SHIFT; }
if ((AttributeSize < sizeof(INDEX_ROOT))
||
((IndexRoot->IndexedAttributeType != $FILE_NAME) && (IndexRoot->IndexedAttributeType != $UNUSED))
||
((IndexRoot->IndexedAttributeType == $FILE_NAME) && (IndexRoot->CollationRule != COLLATION_FILE_NAME))
||
(IndexRoot->BytesPerIndexBuffer != BytesFromIndexBlocks( IndexRoot->BlocksPerIndexBuffer, ShiftValue ))
||
((IndexRoot->BlocksPerIndexBuffer != 1) && (IndexRoot->BlocksPerIndexBuffer != 2) && (IndexRoot->BlocksPerIndexBuffer != 4) && (IndexRoot->BlocksPerIndexBuffer != 8) && (IndexRoot->BlocksPerIndexBuffer != 16) && (IndexRoot->BlocksPerIndexBuffer != 32) && (IndexRoot->BlocksPerIndexBuffer != 64) && (IndexRoot->BlocksPerIndexBuffer != 128))) {
DebugTrace( 0, 0, ("Bad Index Root: %08lx\n", IndexRoot) );
ASSERTMSG( "Bad Index Root\n", FALSE ); return FALSE; }
return NtfsCheckIndexHeader( &IndexRoot->IndexHeader, AttributeSize - sizeof(INDEX_ROOT) + sizeof(INDEX_HEADER) );}
�BOOLEANNtfsCheckIndexBuffer ( IN PSCB Scb, IN PINDEX_ALLOCATION_BUFFER IndexBuffer )
{ ULONG BytesPerIndexBuffer = Scb->ScbType.Index.BytesPerIndexBuffer;
PAGED_CODE();
//
// Check the index buffer for consistency.
//
if ((*(PULONG)IndexBuffer->MultiSectorHeader.Signature != *(PULONG)IndexSignature)
||
((ULONG)IndexBuffer->MultiSectorHeader.UpdateSequenceArrayOffset > (SEQUENCE_NUMBER_STRIDE - (PAGE_SIZE / SEQUENCE_NUMBER_STRIDE + 1) * sizeof(USHORT)))
||
((ULONG)((IndexBuffer->MultiSectorHeader.UpdateSequenceArraySize - 1) * SEQUENCE_NUMBER_STRIDE) != BytesPerIndexBuffer)) {
DebugTrace( 0, 0, ("Invalid Index Buffer: %08lx\n", IndexBuffer) );
ASSERTMSG( "Invalid resident Index Buffer\n", FALSE ); return FALSE; }
return NtfsCheckIndexHeader( &IndexBuffer->IndexHeader, BytesPerIndexBuffer - FIELD_OFFSET(INDEX_ALLOCATION_BUFFER, IndexHeader) );}
�BOOLEANNtfsCheckIndexHeader ( IN PINDEX_HEADER IndexHeader, IN ULONG BytesAvailable )
{ PINDEX_ENTRY IndexEntry, NextIndexEntry; PINDEX_ENTRY EndOfIndex; ULONG MinIndexEntry = sizeof(INDEX_ENTRY);
PAGED_CODE();
if (FlagOn(IndexHeader->Flags, INDEX_NODE)) {
MinIndexEntry += sizeof(VCN); }
if ((IndexHeader->FirstIndexEntry > (BytesAvailable - MinIndexEntry))
||
(IndexHeader->FirstFreeByte > BytesAvailable)
||
(IndexHeader->BytesAvailable > BytesAvailable)
||
((IndexHeader->FirstIndexEntry + MinIndexEntry) > IndexHeader->FirstFreeByte)
||
(IndexHeader->FirstFreeByte > IndexHeader->BytesAvailable)) {
DebugTrace( 0, 0, ("Bad Index Header: %08lx\n", IndexHeader) );
ASSERTMSG( "Bad Index Header\n", FALSE ); return FALSE; }
IndexEntry = NtfsFirstIndexEntry(IndexHeader);
EndOfIndex = Add2Ptr(IndexHeader, IndexHeader->FirstFreeByte);
while (TRUE) {
NextIndexEntry = NtfsNextIndexEntry(IndexEntry);
if (((ULONG)IndexEntry->Length < MinIndexEntry)
||
(NextIndexEntry > EndOfIndex)
||
// ((ULONG)IndexEntry->AttributeLength >
// ((ULONG)IndexEntry->Length - MinIndexEntry))
//
// ||
(BooleanFlagOn(IndexEntry->Flags, INDEX_ENTRY_NODE) != BooleanFlagOn(IndexHeader->Flags, INDEX_NODE))) {
DebugTrace( 0, 0, ("Bad Index Entry: %08lx\n", IndexEntry) );
ASSERTMSG( "Bad Index Entry\n", FALSE ); return FALSE; }
if (FlagOn(IndexEntry->Flags, INDEX_ENTRY_END)) { break; } IndexEntry = NextIndexEntry; } return TRUE;}
�BOOLEANNtfsCheckLogRecord ( IN PNTFS_LOG_RECORD_HEADER LogRecord, IN ULONG LogRecordLength, IN TRANSACTION_ID TransactionId, IN ULONG AttributeEntrySize )
{ BOOLEAN ValidLogRecord = FALSE; PAGED_CODE();
//
// We make the following checks on the log record.
//
// - Minimum length must contain an NTFS_LOG_RECORD_HEADER
// - Transaction Id must be a valid value (a valid index offset)
//
// The following are values in the log record.
//
// - Redo/Undo offset must be quadaligned
// - Redo/Undo offset + length must be contained in the log record
// - Target attribute must be a valid value (either 0 or valid index offset)
// - Record offset must be quad-aligned and less than the file record size.
// - Log record size must be sufficient for Lcn's to follow.
//
// Use the separate assert messages in order to identify the error (used the same text so
// the compiler can still optimize).
//
if (LogRecordLength < sizeof( NTFS_LOG_RECORD_HEADER )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (TransactionId == 0) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if ((TransactionId - sizeof( RESTART_TABLE )) % sizeof( TRANSACTION_ENTRY )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (FlagOn( LogRecord->RedoOffset, 7 )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (FlagOn( LogRecord->UndoOffset, 7 )) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if ((ULONG) LogRecord->RedoOffset + LogRecord->RedoLength > LogRecordLength) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if ((LogRecord->UndoOperation != CompensationLogRecord) && ((ULONG) LogRecord->UndoOffset + LogRecord->UndoLength > LogRecordLength)) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else if (LogRecordLength < (sizeof( NTFS_LOG_RECORD_HEADER ) + ((LogRecord->LcnsToFollow != 0) ? (sizeof( LCN ) * (LogRecord->LcnsToFollow - 1)) : 0))) {
ASSERTMSG( "Invalid log record\n", FALSE );
//
// NOTE: The next two clauses test different cases for the TargetAttribute in
// the log record. Don't add any tests after this point as the ValidLogRecord
// value is set to TRUE internally and no other checks take place.
//
} else if (LogRecord->TargetAttribute == 0) {
if (((LogRecord->RedoOperation <= UpdateRecordDataAllocation) && TargetAttributeRequired[LogRecord->RedoOperation]) || ((LogRecord->UndoOperation <= UpdateRecordDataAllocation) && TargetAttributeRequired[LogRecord->UndoOperation])) {
ASSERTMSG( "Invalid log record\n", FALSE );
} else {
ValidLogRecord = TRUE; }
//
// Read the note above if changing this.
//
} else if ((LogRecord->RedoOperation != ForgetTransaction) && ((LogRecord->TargetAttribute - sizeof( RESTART_TABLE )) % AttributeEntrySize)) {
ASSERTMSG( "Invalid log record\n", FALSE );
//
// Read the note above if changing this.
//
} else {
ValidLogRecord = TRUE; }
return ValidLogRecord;}
�BOOLEANNtfsCheckRestartTable ( IN PRESTART_TABLE RestartTable, IN ULONG TableSize ){ ULONG ActualTableSize; ULONG Index; PDIRTY_PAGE_ENTRY_V0 NextEntry;
PAGED_CODE();
//
// We want to make the following checks.
//
// EntrySize - Must be less than table size and non-zero.
//
// NumberEntries - The table size must contain at least this many entries
// plus the table header.
//
// NumberAllocated - Must be less than/equal to NumberEntries
//
// FreeGoal - Must lie in the table.
//
// FirstFree
// LastFree - Must either be 0 or be on a restart entry boundary.
//
if ((RestartTable->EntrySize == 0) || (RestartTable->EntrySize > TableSize) || ((RestartTable->EntrySize + sizeof( RESTART_TABLE )) > TableSize) || (((TableSize - sizeof( RESTART_TABLE )) / RestartTable->EntrySize) < RestartTable->NumberEntries) || (RestartTable->NumberAllocated > RestartTable->NumberEntries)) {
ASSERTMSG( "Invalid Restart Table sizes\n", FALSE ); return FALSE; }
ActualTableSize = (RestartTable->EntrySize * RestartTable->NumberEntries) + sizeof( RESTART_TABLE );
if ((RestartTable->FirstFree > ActualTableSize) || (RestartTable->LastFree > ActualTableSize) || ((RestartTable->FirstFree != 0) && (RestartTable->FirstFree < sizeof( RESTART_TABLE ))) || ((RestartTable->LastFree != 0) && (RestartTable->LastFree < sizeof( RESTART_TABLE )))) {
ASSERTMSG( "Invalid Restart Table List Head\n", FALSE ); return FALSE; }
//
// Make a pass through the table verifying that each entry
// is either allocated or points to a valid offset in the
// table.
//
for (Index = 0;Index < RestartTable->NumberEntries; Index++) {
NextEntry = Add2Ptr( RestartTable, ((Index * RestartTable->EntrySize) + sizeof( RESTART_TABLE )));
if ((NextEntry->AllocatedOrNextFree != RESTART_ENTRY_ALLOCATED) && (NextEntry->AllocatedOrNextFree != 0) && ((NextEntry->AllocatedOrNextFree < sizeof( RESTART_TABLE )) || (((NextEntry->AllocatedOrNextFree - sizeof( RESTART_TABLE )) % RestartTable->EntrySize) != 0))) {
ASSERTMSG( "Invalid Restart Table Entry\n", FALSE ); return FALSE; } }
//
// Walk through the list headed by the first entry to make sure none
// of the entries are currently being used.
//
for (Index = RestartTable->FirstFree; Index != 0; Index = NextEntry->AllocatedOrNextFree) {
if (Index == RESTART_ENTRY_ALLOCATED) {
ASSERTMSG( "Invalid Restart Table Free List\n", FALSE ); return FALSE; }
NextEntry = Add2Ptr( RestartTable, Index ); }
return TRUE;}
|
