author | Christophe Grenier <[email protected]> | 2024-01-30 20:40:12 +0100 |
---|---|---|
committer | Christophe Grenier <[email protected]> | 2024-01-30 20:40:12 +0100 |
commit | 4efd6de3bcc536f5d9490fbbf315e3effea52dd7 (patch) | |
tree | 2e218649a9e26ae4a5d16b3bbff41db833051c58 | |
parent | 716c6aaf04b29666fe551184a9e67ae3f9b7cff4 (diff) |
A lot of frama-c annotations or code disabling
-rw-r--r-- | src/Makefile.am | 11 | ||||
-rw-r--r-- | src/common.c | 10 | ||||
-rw-r--r-- | src/common.h | 111 | ||||
-rw-r--r-- | src/dir.c | 47 | ||||
-rw-r--r-- | src/dir.h | 2 | ||||
-rw-r--r-- | src/fat.c | 114 | ||||
-rw-r--r-- | src/fat.h | 12 | ||||
-rw-r--r-- | src/fat_dir.c | 39 | ||||
-rw-r--r-- | src/fidentify.c | 5 | ||||
-rw-r--r-- | src/file_bmp.c | 6 | ||||
-rw-r--r-- | src/file_jpg.c | 3 | ||||
-rw-r--r-- | src/file_sig.c | 3 | ||||
-rw-r--r-- | src/file_tar.c | 2 | ||||
-rw-r--r-- | src/fnctdsk.c | 54 | ||||
-rw-r--r-- | src/fnctdsk.h | 7 | ||||
-rw-r--r-- | src/hdaccess.c | 26 | ||||
-rw-r--r-- | src/intrf.c | 15 | ||||
-rw-r--r-- | src/intrf.h | 2 | ||||
-rw-r--r-- | src/iso.c | 3 | ||||
-rw-r--r-- | src/list.h | 12 | ||||
-rw-r--r-- | src/list_sort.c | 19 | ||||
-rw-r--r-- | src/log.c | 12 | ||||
-rw-r--r-- | src/ntfs_dir.c | 1 | ||||
-rw-r--r-- | src/partgpt.c | 6 | ||||
-rw-r--r-- | src/parti386.c | 2 | ||||
-rw-r--r-- | src/partmac.c | 2 | ||||
-rw-r--r-- | src/partnone.c | 16 | ||||
-rw-r--r-- | src/partsun.c | 2 | ||||
-rw-r--r-- | src/phcfg.c | 6 | ||||
-rw-r--r-- | src/photorec.c | 114 | ||||
-rw-r--r-- | src/unicode.c | 4 | ||||
-rw-r--r-- | src/unicode.h | 4 |
32 files changed, 566 insertions, 106 deletions
diff --git a/src/Makefile.am b/src/Makefile.am index 4ddc6f8a..15d9468f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -6,7 +6,6 @@ FRAMA_C_FLAGS=-machdep x86_64 \ -warn-signed-overflow \ -warn-unsigned-downcast \ -warn-unsigned-overflow \ - -c11 \ -rte \ -eva \ -eva-slevel 6 \ @@ -17,7 +16,7 @@ FRAMA_C_FLAGS=-machdep x86_64 \ -wp-dynamic \ -wp-steps 100000 \ -wp-split -wp-literals \ - -wp-timeout 5 -pp-annot \ + -wp-timeout 2 -pp-annot \ -kernel-msg-key pp .rc.o: 
@@ -38,14 +37,14 @@ EXTRA_PROGRAMS = photorecf fuzzerfidentify smallbase_C = common.c crc.c ext2_common.c fat_common.c log.c misc.c setdate.c smallbase_H = common.h crc.h ext2_common.h fat_common.h log.h misc.h setdate.h -base_C = $(smallbase_C) apfs_common.c autoset.c ewf.c fnctdsk.c hdaccess.c hdcache.c hdwin32.c hidden.c hpa_dco.c intrf.c iso.c list_sort.c log_part.c msdos.c parti386.c partgpt.c parthumax.c partmac.c partsun.c partnone.c partxbox.c io_redir.c ntfs_io.c ntfs_utl.c partauto.c sudo.c unicode.c win32.c -base_H = $(smallbase_H) apfs_common.h alignio.h autoset.h ewf.h fnctdsk.h hdaccess.h hdwin32.h hidden.h guid_cmp.h guid_cpy.h hdcache.h hpa_dco.h intrf.h iso.h iso9660.h lang.h list.h list_add_sorted.h list_add_sorted_uniq.h list_sort.h log_part.h types.h io_redir.h msdos.h ntfs_utl.h parti386.h partgpt.h parthumax.h partmac.h partsun.h partxbox.h partauto.h sudo.h unicode.h win32.h +base_C = $(smallbase_C) apfs_common.c autoset.c ewf.c fnctdsk.c hdaccess.c hdcache.c hdwin32.c hidden.c hpa_dco.c intrf.c iso.c list_sort.c log_part.c msdos.c parti386.c partgpt.c parthumax.c partmac.c partsun.c partnone.c partxbox.c ntfs_io.c ntfs_utl.c partauto.c sudo.c unicode.c win32.c +base_H = $(smallbase_H) apfs_common.h alignio.h autoset.h ewf.h fnctdsk.h hdaccess.h hdwin32.h hidden.h guid_cmp.h guid_cpy.h hdcache.h hpa_dco.h intrf.h iso.h iso9660.h lang.h list.h list_add_sorted.h list_add_sorted_uniq.h list_sort.h log_part.h types.h msdos.h ntfs_utl.h parti386.h partgpt.h parthumax.h partmac.h partsun.h partxbox.h partauto.h sudo.h unicode.h win32.h fs_C = analyse.c apfs.c bfs.c bsd.c btrfs.c cramfs.c exfat.c ext2.c fat.c fatx.c f2fs.c jfs.c gfs2.c hfs.c hfsp.c hpfs.c luks.c lvm.c md.c netware.c ntfs.c refs.c rfs.c savehdr.c sun.c swap.c sysv.c ufs.c vmfs.c wbfs.c xfs.c zfs.c fs_H = analyse.h apfs.h bfs.h bsd.h btrfs.h cramfs.h exfat.h ext2.h fat.h fatx.h f2fs.h f2fs_fs.h jfs_superblock.h jfs.h gfs2.h hfs.h hfsp.h hpfs.h hfsp_struct.h luks.h luks_struct.h lvm.h 
md.h netware.h ntfs.h ntfs_struct.h refs.h rfs.h savehdr.h sun.h swap.h sysv.h ufs.h vmfs.h wbfs.h xfs.h xfs_struct.h zfs.h -testdisk_ncurses_C = addpart.c addpartn.c adv.c askloc.c chgarch.c chgarchn.c chgtype.c chgtypen.c dimage.c dirn.c dirpart.c diskacc.c diskcapa.c edit.c ext2_sb.c ext2_sbn.c fat1x.c fat32.c fat_adv.c fat_cluster.c fatn.c geometry.c geometryn.c godmode.c hiddenn.c intrface.c intrfn.c nodisk.c ntfs_adv.c ntfs_fix.c ntfs_udl.c parti386n.c partgptn.c partmacn.c partsunn.c partxboxn.c tanalyse.c tbanner.c tdelete.c tdiskop.c tdisksel.c testdisk.c texfat.c thfs.c tload.c tlog.c tmbrcode.c tntfs.c toptions.c tpartwr.c -testdisk_ncurses_H = addpart.h addpartn.h adv.h askloc.h chgarch.h chgarchn.h chgtype.h chgtypen.h dimage.h dirn.h dirpart.h diskacc.h diskcapa.h edit.h ext2_sb.h ext2_sbn.h fat1x.h fat32.h fat_adv.h fat_cluster.h fatn.h geometry.h geometryn.h godmode.h hiddenn.h intrface.h intrfn.h nodisk.h ntfs_adv.h ntfs_fix.h ntfs_udl.h partgptn.h parti386n.h partmacn.h partsunn.h partxboxn.h tanalyse.h tdelete.h tdiskop.h tdisksel.h texfat.h thfs.h tload.h tlog.h tmbrcode.h tntfs.h toptions.h tpartwr.h +testdisk_ncurses_C = addpart.c addpartn.c adv.c askloc.c chgarch.c chgarchn.c chgtype.c chgtypen.c dimage.c dirn.c dirpart.c diskacc.c diskcapa.c edit.c ext2_sb.c ext2_sbn.c fat1x.c fat32.c fat_adv.c fat_cluster.c fatn.c geometry.c geometryn.c godmode.c hiddenn.c intrface.c intrfn.c io_redir.c nodisk.c ntfs_adv.c ntfs_fix.c ntfs_udl.c parti386n.c partgptn.c partmacn.c partsunn.c partxboxn.c tanalyse.c tbanner.c tdelete.c tdiskop.c tdisksel.c testdisk.c texfat.c thfs.c tload.c tlog.c tmbrcode.c tntfs.c toptions.c tpartwr.c +testdisk_ncurses_H = addpart.h addpartn.h adv.h askloc.h chgarch.h chgarchn.h chgtype.h chgtypen.h dimage.h dirn.h dirpart.h diskacc.h diskcapa.h edit.h exfat.h ext2_sb.h ext2_sbn.h fat1x.h fat32.h fat_adv.h fat_cluster.h fatn.h geometry.h geometryn.h godmode.h hiddenn.h intrface.h intrfn.h io_redir.h nodisk.h ntfs_adv.h 
ntfs_fix.h ntfs_udl.h partgptn.h parti386n.h partmacn.h partsunn.h partxboxn.h tanalyse.h tdelete.h tdiskop.h tdisksel.h texfat.h thfs.h tload.h tlog.h tmbrcode.h tntfs.h toptions.h tpartwr.h testdisk_SOURCES = $(base_C) $(base_H) $(fs_C) $(fs_H) $(testdisk_ncurses_C) $(testdisk_ncurses_H) dir.c dir.h dir_common.h exfat_dir.c exfat_dir.h ext2_dir.c ext2_dir.h ext2_inc.h fat_dir.c fat_dir.h ntfs_dir.c ntfs_dir.h ntfs_inc.h partgptw.c rfs_dir.c rfs_dir.h $(ICON_TESTDISK) next.c next.h diff --git a/src/common.c b/src/common.c index c37bddd0..3856df6e 100644 --- a/src/common.c +++ b/src/common.c @@ -3,17 +3,17 @@ File: common.c Copyright (C) 1998-2006 Christophe GRENIER <[email protected]> - + This software is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program; if not, write the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. @@ -30,7 +30,7 @@ #undef HAVE_MEMALIGN #undef HAVE_NCURSES #endif - + #include <stdio.h> #include <ctype.h> #ifdef HAVE_STDLIB_H @@ -92,10 +92,8 @@ void *MALLOC(size_t size) #else if((res=malloc(size))==NULL) { -#ifndef DISABLED_FOR_FRAMAC log_critical("\nCan't allocate %lu bytes of memory.\n", (long unsigned)size); log_close(); -#endif exit(EXIT_FAILURE); } memset(res,0,size); diff --git a/src/common.h b/src/common.h index 3b2397a4..292e1ca7 100644 --- a/src/common.h +++ b/src/common.h 
@@ -3,17 +3,17 @@ File: common.h Copyright (C) 1998-2007 Christophe GRENIER <[email protected]> - + This software is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program; if not, write the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 
@@ -126,115 +126,115 @@ typedef struct efi_guid_s efi_guid_t; #define PXBOX_FATX 1 #define GPT_ENT_TYPE_UNUSED \ - ((const efi_guid_t){le32(0x00000000),le16(0x0000),le16(0x0000),0x00,0x00,{0x00,0x00,0x00,0x00,0x00,0x00}}) + (const efi_guid_t){le32(0x00000000),le16(0x0000),le16(0x0000),0x00,0x00,{0x00,0x00,0x00,0x00,0x00,0x00}} #define GPT_ENT_TYPE_EFI \ - ((const efi_guid_t){le32(0xc12a7328),le16(0xf81f),le16(0x11d2),0xba,0x4b,{0x00,0xa0,0xc9,0x3e,0xc9,0x3b}}) + (const efi_guid_t){le32(0xc12a7328),le16(0xf81f),le16(0x11d2),0xba,0x4b,{0x00,0xa0,0xc9,0x3e,0xc9,0x3b}} /* Extended Boot Partition */ #define GPT_ENT_TYPE_EBP \ - ((const efi_guid_t){le32(0xbc13c2ff),le16(0x59e6),le16(0x4262),0xa3,0x52,{0xb2,0x75,0xfd,0x6f,0x71,0x72}}) + (const efi_guid_t){le32(0xbc13c2ff),le16(0x59e6),le16(0x4262),0xa3,0x52,{0xb2,0x75,0xfd,0x6f,0x71,0x72}} #define GPT_ENT_TYPE_MBR \ - ((const efi_guid_t){le32(0x024dee41),le16(0x33e7),le16(0x11d3),0x9d,0x69,{0x00,0x08,0xc7,0x81,0xf3,0x9f}}) + (const efi_guid_t){le32(0x024dee41),le16(0x33e7),le16(0x11d3),0x9d,0x69,{0x00,0x08,0xc7,0x81,0xf3,0x9f}} #define GPT_ENT_TYPE_FREEBSD \ - ((const efi_guid_t){le32(0x516e7cb4),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}}) + (const efi_guid_t){le32(0x516e7cb4),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}} #define GPT_ENT_TYPE_FREEBSD_SWAP \ - ((const efi_guid_t){le32(0x516e7cb5),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}}) + (const efi_guid_t){le32(0x516e7cb5),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}} #define GPT_ENT_TYPE_FREEBSD_UFS \ - ((const efi_guid_t){le32(0x516e7cb6),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}}) + (const efi_guid_t){le32(0x516e7cb6),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}} #define GPT_ENT_TYPE_FREEBSD_ZFS \ - ((const efi_guid_t){le32(0x516e7cb),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}}) + (const 
efi_guid_t){le32(0x516e7cb),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}} /* * The following is unused but documented here to avoid reuse. * * GPT_ENT_TYPE_FREEBSD_UFS2 \ - * ((const efi_guid_t){le32(0x516e7cb7),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}}) + * (const efi_guid_t){le32(0x516e7cb7),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}} */ #define GPT_ENT_TYPE_FREEBSD_VINUM \ - ((const efi_guid_t){le32(0x516e7cb8),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}}) + (const efi_guid_t){le32(0x516e7cb8),le16(0x6ecf),le16(0x11d6),0x8f,0xf8,{0x00,0x02,0x2d,0x09,0x71,0x2b}} #define GPT_ENT_TYPE_MS_BASIC_DATA \ - ((const efi_guid_t){le32(0xebd0a0a2),le16(0xb9e5),le16(0x4433),0x87,0xc0,{0x68,0xb6,0xb7,0x26,0x99,0xc7}}) + (const efi_guid_t){le32(0xebd0a0a2),le16(0xb9e5),le16(0x4433),0x87,0xc0,{0x68,0xb6,0xb7,0x26,0x99,0xc7}} #define GPT_ENT_TYPE_MS_LDM_DATA \ - ((const efi_guid_t){le32(0xaf9b60a0),le16(0x1431),le16(0x4f62),0xbc,0x68,{0x33,0x11,0x71,0x4a,0x69,0xad}}) + (const efi_guid_t){le32(0xaf9b60a0),le16(0x1431),le16(0x4f62),0xbc,0x68,{0x33,0x11,0x71,0x4a,0x69,0xad}} #define GPT_ENT_TYPE_MS_LDM_METADATA \ - ((const efi_guid_t){le32(0x5808c8aa),le16(0x7e8f),le16(0x42e0),0x85,0xd2,{0xe1,0xe9,0x04,0x34,0xcf,0xb3}}) + (const efi_guid_t){le32(0x5808c8aa),le16(0x7e8f),le16(0x42e0),0x85,0xd2,{0xe1,0xe9,0x04,0x34,0xcf,0xb3}} #define GPT_ENT_TYPE_MS_RECOVERY \ - ((const efi_guid_t){le32(0xde94bba4),le16(0x06d1),le16(0x4d40),0xa1,0x6a,{0xbf,0xd5,0x01,0x79,0xd6,0xac}}) + (const efi_guid_t){le32(0xde94bba4),le16(0x06d1),le16(0x4d40),0xa1,0x6a,{0xbf,0xd5,0x01,0x79,0xd6,0xac}} #define GPT_ENT_TYPE_MS_RESERVED \ - ((const efi_guid_t){le32(0xe3c9e316),le16(0x0b5c),le16(0x4db8),0x81,0x7d,{0xf9,0x2d,0xf0,0x02,0x15,0xae}}) + (const efi_guid_t){le32(0xe3c9e316),le16(0x0b5c),le16(0x4db8),0x81,0x7d,{0xf9,0x2d,0xf0,0x02,0x15,0xae}} #define GPT_ENT_TYPE_MS_SPACES \ - ((const 
efi_guid_t){le32(0xe75caf8f),le16(0xf680),le16(0x4cee),0xaf,0xa3,{0xb0,0x01,0xe5,0x6e,0xfc,0x2d}}) + (const efi_guid_t){le32(0xe75caf8f),le16(0xf680),le16(0x4cee),0xaf,0xa3,{0xb0,0x01,0xe5,0x6e,0xfc,0x2d}} #define GPT_ENT_TYPE_LINUX_DATA \ - ((const efi_guid_t){le32(0x0fc63daf),le16(0x8483),le16(0x4772),0x8e,0x79,{0x3d,0x69,0xd8,0x47,0x7d,0xe4}}) + (const efi_guid_t){le32(0x0fc63daf),le16(0x8483),le16(0x4772),0x8e,0x79,{0x3d,0x69,0xd8,0x47,0x7d,0xe4}} #define GPT_ENT_TYPE_LINUX_HOME \ - ((const efi_guid_t){le32(0x933ac7e1),le16(0x2eb4),le16(0x4f13),0xb8,0x44,{0x0e,0x14,0xe2,0xae,0xf9,0x15}}) + (const efi_guid_t){le32(0x933ac7e1),le16(0x2eb4),le16(0x4f13),0xb8,0x44,{0x0e,0x14,0xe2,0xae,0xf9,0x15}} #define GPT_ENT_TYPE_LINUX_LVM \ - ((const efi_guid_t){le32(0xe6d6d379),le16(0xf507),le16(0x44c2),0xa2,0x3c,{0x23,0x8f,0x2a,0x3d,0xf9,0x28}}) + (const efi_guid_t){le32(0xe6d6d379),le16(0xf507),le16(0x44c2),0xa2,0x3c,{0x23,0x8f,0x2a,0x3d,0xf9,0x28}} #define GPT_ENT_TYPE_LINUX_RAID \ - ((const efi_guid_t){le32(0xa19d880f),le16(0x05fc),le16(0x4d3b),0xa0,0x06,{0x74,0x3f,0x0f,0x84,0x91,0x1e}}) + (const efi_guid_t){le32(0xa19d880f),le16(0x05fc),le16(0x4d3b),0xa0,0x06,{0x74,0x3f,0x0f,0x84,0x91,0x1e}} #define GPT_ENT_TYPE_LINUX_RESERVED \ - ((const efi_guid_t){le32(0x8da63339),le16(0x0007),le16(0x60c0),0xc4,0x36,{0x08,0x3a,0xc8,0x23,0x09,0x08}}) + (const efi_guid_t){le32(0x8da63339),le16(0x0007),le16(0x60c0),0xc4,0x36,{0x08,0x3a,0xc8,0x23,0x09,0x08}} #define GPT_ENT_TYPE_LINUX_SRV \ - ((const efi_guid_t){le32(0x3b8f8425),le16(0x20e0),le16(0x4f3b),0x90,0x7f,{0x1a,0x25,0xa7,0x6f,0x98,0xe8}}) + (const efi_guid_t){le32(0x3b8f8425),le16(0x20e0),le16(0x4f3b),0x90,0x7f,{0x1a,0x25,0xa7,0x6f,0x98,0xe8}} #define GPT_ENT_TYPE_LINUX_SWAP \ - ((const efi_guid_t){le32(0x0657fd6d),le16(0xa4ab),le16(0x43c4),0x84,0xe5,{0x09,0x33,0xc8,0x4b,0x4f,0x4f}}) + (const efi_guid_t){le32(0x0657fd6d),le16(0xa4ab),le16(0x43c4),0x84,0xe5,{0x09,0x33,0xc8,0x4b,0x4f,0x4f}} #define GPT_ENT_TYPE_HPUX_DATA \ - 
((const efi_guid_t){le32(0x75894c1e),le16(0x3aeb),le16(0x11d3),0xb7,0xc1,{0x7b,0x03,0xa0,0x00,0x00,0x00}}) + (const efi_guid_t){le32(0x75894c1e),le16(0x3aeb),le16(0x11d3),0xb7,0xc1,{0x7b,0x03,0xa0,0x00,0x00,0x00}} #define GPT_ENT_TYPE_HPUX_SERVICE \ - ((const efi_guid_t){le32(0xe2a1e728),le16(0x32e3),le16(0x11d6),0xa6,0x82,{0x7b,0x03,0xa0,0x00,0x00,0x00}}) + (const efi_guid_t){le32(0xe2a1e728),le16(0x32e3),le16(0x11d6),0xa6,0x82,{0x7b,0x03,0xa0,0x00,0x00,0x00}} #define GPT_ENT_TYPE_APPLE_CORE_STORAGE \ - ((const efi_guid_t){le32(0x53746F72),le16(0x6167),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x53746F72),le16(0x6167),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_MAC_APFS \ - ((const efi_guid_t){le32(0x7c3457ef),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x7c3457ef),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_MAC_BOOT \ - ((const efi_guid_t){le32(0x426f6f74),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x426f6f74),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_MAC_HFS \ - ((const efi_guid_t){le32(0x48465300),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x48465300),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_MAC_LABEL \ - ((const efi_guid_t){le32(0x4c616265),le16(0x6c00),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x4c616265),le16(0x6c00),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_MAC_RAID \ - ((const efi_guid_t){le32(0x52414944),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x52414944),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define 
GPT_ENT_TYPE_MAC_RAID_OFFLINE \ - ((const efi_guid_t){le32(0x52414944),le16(0x5f4f),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x52414944),le16(0x5f4f),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_MAC_TV_RECOVERY \ - ((const efi_guid_t){le32(0x5265636f),le16(0x7665),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x5265636f),le16(0x7665),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_MAC_UFS \ - ((const efi_guid_t){le32(0x55465300),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}}) + (const efi_guid_t){le32(0x55465300),le16(0x0000),le16(0x11aa),0xaa,0x11,{0x00,0x30,0x65,0x43,0xec,0xac}} #define GPT_ENT_TYPE_SOLARIS_BACKUP \ - ((const efi_guid_t){le32(0x6a8b642b),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a8b642b),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_BOOT \ - ((const efi_guid_t){le32(0x6a82cb45),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a82cb45),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_ROOT \ - ((const efi_guid_t){le32(0x6a85cf4d),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a85cf4d),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_SWAP \ - ((const efi_guid_t){le32(0x6a87c46f),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a87c46f),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_USR \ - ((const efi_guid_t){le32(0x6a898cc3),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) -#define GPT_ENT_TYPE_MAC_ZFS GPT_ENT_TYPE_SOLARIS_USR + (const 
efi_guid_t){le32(0x6a898cc3),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} +#define GPT_ENT_TYPE_MAC_ZFS GPT_ENT_TYPE_SOLARIS_USR #define GPT_ENT_TYPE_SOLARIS_VAR \ - ((const efi_guid_t){le32(0x6a8ef2e9),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a8ef2e9),le16(0x1dd2),le16(0x11b2),0x99,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_HOME \ - ((const efi_guid_t){le32(0x6a90ba39),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a90ba39),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_EFI_ALTSCTR \ - ((const efi_guid_t){le32(0x6a9283a5),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a9283a5),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_RESERVED1 \ - ((const efi_guid_t){le32(0x6a945a3b),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a945a3b),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_RESERVED2 \ - ((const efi_guid_t){le32(0x6a9630d1),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a9630d1),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_RESERVED3 \ - ((const efi_guid_t){le32(0x6a980767),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a980767),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_RESERVED4 \ - ((const efi_guid_t){le32(0x6a96237f),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a96237f),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_SOLARIS_RESERVED5 \ - ((const 
efi_guid_t){le32(0x6a8d2ac7),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}}) + (const efi_guid_t){le32(0x6a8d2ac7),le16(0x1dd2),le16(0x11b2),0x96,0xa6,{0x08,0x00,0x20,0x73,0x66,0x31}} #define GPT_ENT_TYPE_BEOS_BFS \ - ((const efi_guid_t){le32(0x42465331),le16(0x3ba3),le16(0x10f1),0x80,0x2a,{0x48,0x61,0x69,0x6b,0x75,0x21}}) + (const efi_guid_t){le32(0x42465331),le16(0x3ba3),le16(0x10f1),0x80,0x2a,{0x48,0x61,0x69,0x6b,0x75,0x21}} #define TESTDISK_O_RDONLY 00 #define TESTDISK_O_RDWR 02 @@ -473,7 +473,7 @@ inductive valid_list_disk{L} (list_disk_t *list) case list_null{L}: valid_list_disk(\null); case list_not_null{L}: - \forall list_disk_t *list; \valid_read(list) ==> valid_disk(list->disk) && valid_list_disk(list->next) ==> valid_list_disk(list); + \forall list_disk_t *list; \valid_read(list) && valid_list_disk(list) ==> valid_disk(list->disk) && valid_list_disk(list->next); } @*/ @@ -547,7 +547,6 @@ void set_part_name_chomp(partition_t *partition, const char *src, const unsigned /*@ @ requires valid_read_string(str); - @ terminates \true; @ ensures \result == \null || valid_read_string(\result); @*/ char* strip_dup(char* str); @@ -555,6 +554,7 @@ char* strip_dup(char* str); /*@ @ requires f_time <= 0xffffffff; @ requires f_date <= 0xffffffff; + @ terminates \true; @ assigns \nothing; @*/ time_t date_dos2unix(const unsigned short f_time,const unsigned short f_date); @@ -566,6 +566,7 @@ void set_secwest(void); @ assigns \nothing; @*/ time_t td_ntfs2utc (int64_t ntfstime); + #ifndef BSD_MAXPARTITIONS #define BSD_MAXPARTITIONS 8 #endif @@ -657,7 +658,6 @@ struct tm *localtime_r(const time_t *timep, struct tm *result); @ requires valid_read_string(cmd); @ requires \separated(cmd+(..), current_cmd, *current_cmd); @ requires strlen(cmd) == n; - @ terminates \true; @ assigns *current_cmd; @ ensures valid_read_string(*current_cmd); @ ensures \result != 0 ==> *current_cmd == \old(*current_cmd); 
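Review bot: `GPT_ENT_TYPE_FREEBSD_ZFS` is rewritten here but still carries `le32(0x516e7cb)`, seven hex digits where every neighbouring entry has eight, so the type GUID will not match a FreeBSD ZFS partition entry. The published GUID begins `516e7cba`, which suggests `le32(0x516e7cba)`. Separately, every `GPT_ENT_TYPE_*` expansion loses its outer parentheses and becomes a bare compound literal. If that was done for Frama-C's parser, a one-line comment above the block saying so would keep someone from restoring them, since parenthesising a macro expansion is the usual convention.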
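Review bot: The rewritten `list_not_null` case no longer concludes `valid_list_disk(list)`; it takes `valid_list_disk(list)` as a hypothesis and concludes facts about `list->disk` and `list->next`, which is the shape of an inversion lemma rather than an inductive constructor. As far as I can read it, the only case left that establishes the predicate is `list_null`, so a contract requiring `valid_list_disk(l)` would hold only for `\null` and proofs over non-empty lists become vacuous. If the provers needed the unfolding direction, keep the original case `\valid_read(list) ==> valid_disk(list->disk) && valid_list_disk(list->next) ==> valid_list_disk(list);` and state the new formula as a separate `lemma` after the inductive definition.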
@@ -670,6 +670,7 @@ int check_command(char **current_cmd, const char *cmd, const size_t n); @ requires \valid(current_cmd); @ requires valid_read_string(*current_cmd); @ requires \separated(current_cmd, *current_cmd); + @ terminates \true; @ assigns *current_cmd; @ ensures valid_read_string(*current_cmd); @*/ @@ -58,6 +58,7 @@ const char *monstr[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"}; /*@ + @ terminates \true; @ assigns \result; @*/ static char ftypelet (unsigned int bits) @@ -264,6 +265,7 @@ unsigned int delete_list_file(file_info_t *file_info) unsigned int nbr=0; struct td_list_head *file_walker = NULL; struct td_list_head *file_walker_next = NULL; +#ifndef DISABLED_FOR_FRAMAC td_list_for_each_safe(file_walker,file_walker_next, &file_info->list) { file_info_t *tmp; @@ -273,6 +275,7 @@ unsigned int delete_list_file(file_info_t *file_info) free(tmp); nbr++; } +#endif return nbr; } @@ -289,7 +292,10 @@ static int is_inode_valid(const file_info_t *current_file, const unsigned int di return 0; if(strcmp(current_file->name, "..")==0) return 0; - /*@ loop assigns i; */ + /*@ + @ loop assigns i; + @ loop variant dir_nbr - i; + @*/ for(i=0; i<dir_nbr; i++) if(new_inode==inode_known[i]) /* Avoid loop */ return 0; 
@@ -425,17 +431,21 @@ void dir_whole_partition_copy(disk_t *disk, const partition_t *partition, dir_da int filesort(const struct td_list_head *a, const struct td_list_head *b) { const file_info_t *file_a=td_list_entry_const(a, const file_info_t, list); + /*@ assert \valid_read(file_a); */ const file_info_t *file_b=td_list_entry_const(b, const file_info_t, list); + /*@ assert \valid_read(file_b); */ /* Directories must be listed before files */ const int res=((file_b->st_mode&LINUX_S_IFDIR)-(file_a->st_mode&LINUX_S_IFDIR)); if(res) return res; + /*@ assert valid_read_string(file_a->name); */ /* . and .. must listed before the other directories */ if((file_a->st_mode&LINUX_S_IFDIR) && strcmp(file_a->name, ".")==0) return -1; if((file_a->st_mode&LINUX_S_IFDIR) && strcmp(file_a->name, "..")==0 && strcmp(file_b->name, ".")!=0) return -1; + /*@ assert valid_read_string(file_b->name); */ if((file_b->st_mode&LINUX_S_IFDIR) && strcmp(file_b->name, ".")==0) return 1; if((file_b->st_mode&LINUX_S_IFDIR) && strcmp(file_b->name, "..")==0 && @@ -488,10 +498,14 @@ static struct { @*/ static mode_t mode_xlate(unsigned int lmode) { + unsigned int i; mode_t mode = 0; - int i; - /*@ loop assigns i, mode; */ - for (i=0; mode_table[i].lmask; i++) { + /*@ + @ loop unroll 20; + @ loop assigns i, mode; + @*/ + for (i=0; mode_table[i].lmask; i++) + { if (lmode & mode_table[i].lmask) mode |= mode_table[i].mask; } @@ -523,7 +537,14 @@ int set_mode(const char *pathname, unsigned int mode) static void strip_fn(char *fn) { unsigned int i; + /*@ + @ loop assigns i; + @*/ for(i=0;fn[i]!='\0';i++); + /*@ + @ loop assigns i; + @ loop invariant i; + @*/ while(i>0 && (fn[i-1]==' '||fn[i-1]=='.')) i--; if(i==0 && (fn[i]==' '||fn[i]=='.')) 
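Review bot: `loop invariant i;` on the trimming loop in strip_fn reads as a typo for `loop variant i;`. As an invariant the integer term would presumably be taken as `i != 0`, which fails once the loop runs `i` down to 0, and the loop is left with no termination measure. The same slip appears in the later filename_convert hunk (`@@ -690,7 +718,8 @@`), where `loop invariant n - i;` should presumably be `loop variant n - i;`, as in the other filename_convert copy. The first strip_fn loop, `for(i=0;fn[i]!='\0';i++);`, has `loop assigns i;` but nothing bounding `i`; something like `loop invariant 0 <= i <= strlen(fn);` would let the `fn[i]` read be discharged, assuming the contract (outside this hunk) requires a valid string.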
@@ -591,8 +612,15 @@ static inline unsigned char convert_char_dos(unsigned char car) static unsigned int filename_convert(char *dst, const char*src, const unsigned int n) { unsigned int i; + /*@ + @ loop assigns i, dst[0 .. i]; + @ loop variant n - i; + @*/ for(i=0;i<n && src[i]!='\0';i++) dst[i]=convert_char_dos(src[i]); + /*@ + @ loop variant i; + @*/ while(i>0 && (dst[i-1]==' '||dst[i-1]=='.')) i--; if(i==0 && (dst[i]==' '||dst[i]=='.')) @@ -690,7 +718,8 @@ static unsigned int filename_convert(char *dst, const char*src, const unsigned i { unsigned int i; /*@ - @ loop assigns i, dst[i]; + @ loop assigns i, dst[0 .. i]; + @ loop invariant n - i; @*/ for(i=0;i<n && src[i]!='\0';i++) dst[i]=src[i]; @@ -713,6 +742,9 @@ char *gen_local_filename(const char *filename) char *mkdir_local(const char *localroot, const char *pathname) { +#ifdef DISABLED_FOR_FRAMAC + return NULL; +#else const int l1=(localroot==NULL?0:strlen(localroot)); const int l2=strlen(pathname); char *localdir=(char *)MALLOC(l1+l2+1); @@ -776,6 +808,7 @@ char *mkdir_local(const char *localroot, const char *pathname) #warning "You need a mkdir function!" #endif return localdir; +#endif } void mkdir_local_for_file(const char *filename) @@ -794,6 +827,9 @@ void mkdir_local_for_file(const char *filename) FILE *fopen_local(char **localfilename, const char *localroot, const char *filename) { +#ifdef DISABLED_FOR_FRAMAC + return NULL; +#else const int l1=strlen(localroot); const int l2=strlen(filename); const char *src; @@ -858,4 +894,5 @@ FILE *fopen_local(char **localfilename, const char *localroot, const char *filen return f_out; filename_convert(dst_org, src_org, l2); return fopen(*localfilename,"wb"); +#endif } @@ -27,7 +27,7 @@ extern "C" { #include "dir_common.h" /*@ - @ requires \valid(datestr); + @ requires \valid(datestr + (0 .. 17)); @*/ int set_datestr(char *datestr, size_t n, const time_t timev); 
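Review bot: Stubbing mkdir_local to `return NULL;` under `DISABLED_FOR_FRAMAC` takes out of the analysis the code that turns names read from the recovered filesystem into host paths, including `const int l2=strlen(pathname);` and `MALLOC(l1+l2+1)`, which is where a length or bounds error would matter most. The same applies to fopen_local in the `@@ -794,6 +827,9 @@` hunk. A narrower guard around only the calls Frama-C cannot model would keep the length arithmetic and buffer writes under `-rte`; failing that, a comment at each `#ifdef` such as `/* not analysed: path construction below is unverified */` would record the gap. Callers analysed against the stub also see only the NULL return, so their success paths go unchecked.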
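Review bot: The new precondition on set_datestr fixes the buffer at 18 bytes with `\valid(datestr + (0 .. 17))` but does not mention the `n` parameter, so the contract does not relate the bytes the function may write to the size the caller passes. Tying the two together, for example `requires n >= 18;` plus `requires \valid(datestr + (0 .. n-1));`, would state that relationship; this assumes the implementation bounds its writes by `n`, which is not visible here. An `assigns datestr[0 .. n-1];` clause would also help callers, since the contract shown has no assigns clause.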
@@ -90,7 +90,9 @@ static int fat32_set_part_name(disk_t *disk_car, partition_t *partition, const s if((unsigned)disk_car->pread(disk_car, buffer, cluster_size, partition->part_offset + (le16(fat_header->reserved) + fat_header->fats * le32(fat_header->fat32_length) + (uint64_t)(le32(fat_header->root_cluster) - 2) * fat_header->sectors_per_cluster) * disk_car->sector_size) != cluster_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("fat32_set_part_name() cannot read FAT32 root cluster.\n"); +#endif } else { @@ -114,7 +116,9 @@ static int fat32_set_part_name(disk_t *disk_car, partition_t *partition, const s } if(partition->fsname[0]=='\0') { +#ifndef DISABLED_FOR_FRAMAC log_info("set_FAT_info: name from BS used\n"); +#endif set_part_name_chomp(partition, (const char*)fat_header + FAT32_PART_NAME, 11); if(check_VFAT_volume_name(partition->fsname, 11)) partition->fsname[0]='\0'; @@ -181,6 +185,7 @@ static void set_FAT_info(disk_t *disk_car, const struct fat_boot_sector *fat_hea @*/ static int log_fat_info(const struct fat_boot_sector*fh1, const upart_type_t upart_type, const unsigned int sector_size) { +#ifndef DISABLED_FOR_FRAMAC log_info("sector_size %u\n", fat_sector_size(fh1)); log_info("cluster_size %u\n", fh1->sectors_per_cluster); log_info("reserved %u\n", le16(fh1->reserved)); @@ -210,11 +215,13 @@ static int log_fat_info(const struct fat_boot_sector*fh1, const upart_type_t upa else log_info("next_free %lu\n",fat32_get_next_free((const unsigned char*)fh1,sector_size)); } +#endif return 0; } int log_fat2_info(const struct fat_boot_sector*fh1, const struct fat_boot_sector*fh2, const upart_type_t upart_type, const unsigned int sector_size) { +#ifndef DISABLED_FOR_FRAMAC switch(upart_type) { case UP_FAT12: @@ -268,6 +275,7 @@ int log_fat2_info(const struct fat_boot_sector*fh1, const struct fat_boot_sector else log_info("%lu\n",fat32_get_next_free((const unsigned char*)fh2,sector_size)); } +#endif return 0; } 
@@ -277,19 +285,23 @@ int check_FAT(disk_t *disk_car, partition_t *partition, const int verbose) buffer=(unsigned char *)MALLOC(3*disk_car->sector_size); if((unsigned)disk_car->pread(disk_car, buffer, 3 * disk_car->sector_size, partition->part_offset) != 3 * disk_car->sector_size) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add("check_FAT: can't read FAT boot sector\n"); log_error("check_FAT: can't read FAT boot sector\n"); +#endif free(buffer); return 1; } if(test_FAT(disk_car,(const struct fat_boot_sector *)buffer,partition,verbose,0)!=0) { +#ifndef DISABLED_FOR_FRAMAC if(verbose>0) { log_error("\n\ntest_FAT()\n"); log_partition(disk_car,partition); log_fat_info((const struct fat_boot_sector*)buffer, partition->upart_type,disk_car->sector_size); } +#endif free(buffer); return 1; } @@ -318,7 +330,9 @@ static unsigned int get_next_cluster_fat12(disk_t *disk, const partition_t *part if((unsigned)disk->pread(disk, buffer, 2 * disk->sector_size, partition->part_offset + (uint64_t)(offset + offset_s) * disk->sector_size) != 2 * disk->sector_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("get_next_cluster_fat12 read error\n"); +#endif free(buffer); return 0; } @@ -350,7 +364,9 @@ static unsigned int get_next_cluster_fat16(disk_t *disk, const partition_t *part if((unsigned)disk->pread(disk, buffer, disk->sector_size, partition->part_offset + (uint64_t)(offset + offset_s) * disk->sector_size) != disk->sector_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("get_next_cluster_fat16 read error\n"); +#endif free(buffer); return 0; } @@ -379,7 +395,9 @@ static unsigned int get_next_cluster_fat32(disk_t *disk, const partition_t *part if((unsigned)disk->pread(disk, buffer, disk->sector_size, partition->part_offset + (uint64_t)(offset + offset_s) * disk->sector_size) != disk->sector_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("get_next_cluster_fat32 read error\n"); +#endif free(buffer); return 0; } 
@@ -405,7 +423,9 @@ unsigned int get_next_cluster(disk_t *disk,const partition_t *partition, const u case UP_FAT32: return get_next_cluster_fat32(disk, partition, offset, cluster); default: +#ifndef DISABLED_FOR_FRAMAC log_critical("fat.c get_next_cluster unknown fat type\n"); +#endif return 0; } } @@ -433,14 +453,18 @@ int set_next_cluster(disk_t *disk_car,const partition_t *partition, const upart_ offset_o=cluster%(disk_car->sector_size/4); break; default: +#ifndef DISABLED_FOR_FRAMAC log_critical("fat.c set_next_cluster unknown fat type\n"); +#endif free(buffer); return 1; } if((unsigned)disk_car->pread(disk_car, buffer, buffer_size, partition->part_offset + (uint64_t)(offset + offset_s) * disk_car->sector_size) != buffer_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("set_next_cluster read error\n"); +#endif free(buffer); return 1; } @@ -474,7 +498,9 @@ int set_next_cluster(disk_t *disk_car,const partition_t *partition, const upart_ } if((unsigned)disk_car->pwrite(disk_car, buffer, buffer_size, partition->part_offset + (uint64_t)(offset + offset_s) * disk_car->sector_size) != buffer_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("Write error: set_next_cluster write error\n"); +#endif free(buffer); return 1; } @@ -497,7 +523,10 @@ unsigned int fat32_get_prev_cluster(disk_t *disk_car,const partition_t *partitio { if((unsigned)disk_car->pread(disk_car, buffer, disk_car->sector_size, hd_offset) != disk_car->sector_size) { - log_error("fat32_get_prev_cluster error\n"); return 0; +#ifndef DISABLED_FOR_FRAMAC + log_error("fat32_get_prev_cluster error\n"); +#endif + return 0; } hd_offset+=disk_car->sector_size; } 
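Review bot: The read-error path in fat32_get_prev_cluster now ends in a bare `return 0;` without releasing `buffer`, whereas the get_next_cluster_fat12/16/32 and set_next_cluster error paths in the neighbouring hunks all call `free(buffer);` first. If `buffer` is heap-allocated here as it is in check_FAT (the allocation is outside this hunk), each failed read leaks one block; adding `free(buffer);` before `return 0;` would match the siblings. Since this hunk already splits the one-line `log_error(...); return 0;` apart, it is a convenient place to make that fix.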
@@ -540,17 +569,21 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p && (fat_header->ignored[0]==0xeb || fat_header->ignored[0]==0xe9) && (fat_header->fats==1 || fat_header->fats==2))) return 1; /* Obviously not a FAT */ +#ifndef DISABLED_FOR_FRAMAC if(verbose>1 || dump_ind!=0) { log_trace("test_FAT\n"); log_partition(disk_car, partition); } +#endif if(dump_ind!=0) dump_log(fat_header, DEFAULT_SECTOR_SIZE); if(!((fat_header->ignored[0]==0xeb && fat_header->ignored[2]==0x90)||fat_header->ignored[0]==0xe9)) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_BAD_JUMP); log_error(msg_CHKFAT_BAD_JUMP); +#endif return 1; } switch(fat_header->sectors_per_cluster) @@ -565,29 +598,37 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p case 128: break; default: +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_SECT_CLUSTER); log_error(msg_CHKFAT_SECT_CLUSTER); +#endif return 1; } switch(fat_header->fats) { case 1: +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add("check_FAT: Unusual, only one FAT\n"); log_warning("check_FAT: Unusual, only one FAT\n"); +#endif break; case 2: break; default: +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add("check_FAT: Bad number %u of FAT\n", fat_header->fats); log_error("check_FAT: Bad number %u of FAT\n", fat_header->fats); +#endif return 1; } if(fat_sector_size(fat_header)!=disk_car->sector_size) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add("check_FAT: number of bytes per sector mismatches %u (FAT) != %u (HD)\n", fat_sector_size(fat_header), disk_car->sector_size); log_error("check_FAT: number of bytes per sector mismatches %u (FAT) != %u (HD)\n", fat_sector_size(fat_header), disk_car->sector_size); +#endif return 1; } fat_length=le16(fat_header->fat_length)>0?le16(fat_header->fat_length):le32(fat_header->fat32_length); 
@@ -597,18 +638,23 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p start_data=start_fat1+fat_header->fats*fat_length+(get_dir_entries(fat_header)*32+fat_sector_size(fat_header)-1)/fat_sector_size(fat_header); no_of_cluster=(part_size-start_data)/fat_header->sectors_per_cluster; end_data=start_data+no_of_cluster*fat_header->sectors_per_cluster-1; +#ifndef DISABLED_FOR_FRAMAC if(verbose>1) { log_info("number of cluster = %lu\n",no_of_cluster); } +#endif if(fat_header->media!=0xF0 && fat_header->media<0xF8) { /* Legal values are 0xF0, 0xF8-0xFF */ +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add("check_FAT: Bad media descriptor (0x%02x!=0xf8)\n",fat_header->media); log_error("check_FAT: Bad media descriptor (0x%02x!=0xf8)\n",fat_header->media); +#endif return 1; } if(no_of_cluster<4085) { +#ifndef DISABLED_FOR_FRAMAC if(verbose>0) { log_info("FAT12 at %u/%u/%u\n", @@ -626,20 +672,26 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p screen_buffer_add("check_FAT: Unusual number of reserved sectors %u (FAT), should be 1.\n",le16(fat_header->reserved)); log_warning("check_FAT: Unusual number of reserved sectors %u (FAT), should be 1.\n",le16(fat_header->reserved)); } +#endif if((get_dir_entries(fat_header)==0)||(get_dir_entries(fat_header)%16!=0)) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_ENTRY); log_error(msg_CHKFAT_ENTRY); +#endif return 1; } if((le16(fat_header->fat_length)>256)||(le16(fat_header->fat_length)==0)) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_SECTPFAT); log_error(msg_CHKFAT_SECTPFAT); +#endif return 1; } start_rootdir=start_fat2+fat_length; fat_length_calc=((no_of_cluster+2+fat_sector_size(fat_header)*2/3-1)*3/2/fat_sector_size(fat_header)); +#ifndef DISABLED_FOR_FRAMAC if(memcmp(buffer+FAT_NAME1,"FAT12 ",8)!=0) /* 2 Mo max */ { screen_buffer_add("Should be marked as FAT12\n"); 
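Review bot: `no_of_cluster=(part_size-start_data)/fat_header->sectors_per_cluster;` in the first test_FAT hunk here subtracts two values derived from boot-sector fields without checking that `start_data` does not exceed `part_size`. Both variables are declared outside the hunk, but if they are unsigned, a header with an oversized `reserved` or FAT length wraps the difference into a very large cluster count, which then steers the FAT12/FAT16/FAT32 selection that follows. A guard such as `if(part_size < start_data) return 1;` before the division rejects such a header early and should also discharge the alarm that `-warn-unsigned-overflow` would raise on this line. test_FAT starts and ends outside the hunk.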
@@ -650,9 +702,11 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p screen_buffer_add("check_FAT: Unusual media descriptor (0x%02x!=0xf0)\n", fat_header->media); log_warning("check_FAT: Unusual media descriptor (0x%02x!=0xf0)\n", fat_header->media); } +#endif } else if(no_of_cluster<65525) { +#ifndef DISABLED_FOR_FRAMAC if(verbose>0) { log_info("FAT16 at %u/%u/%u\n", @@ -665,20 +719,26 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p screen_buffer_add("check_FAT: Unusual number of reserved sectors %u (FAT), should be 1.\n",le16(fat_header->reserved)); log_warning("check_FAT: Unusual number of reserved sectors %u (FAT), should be 1.\n",le16(fat_header->reserved)); } +#endif if(le16(fat_header->fat_length)==0) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_SECTPFAT); log_error(msg_CHKFAT_SECTPFAT); +#endif return 1; } if((get_dir_entries(fat_header)==0)||(get_dir_entries(fat_header)%16!=0)) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_ENTRY); log_error(msg_CHKFAT_ENTRY); +#endif return 1; } start_rootdir=start_fat2+fat_length; fat_length_calc=((no_of_cluster+2+fat_sector_size(fat_header)/2-1)*2/fat_sector_size(fat_header)); +#ifndef DISABLED_FOR_FRAMAC if(memcmp(buffer+FAT_NAME1,"FAT16 ",8)!=0) { screen_buffer_add("Should be marked as FAT16\n"); @@ -689,9 +749,11 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p screen_buffer_add("check_FAT: Unusual media descriptor (0x%02x!=0xf8)\n", fat_header->media); log_warning("check_FAT: Unusual media descriptor (0x%02x!=0xf8)\n", fat_header->media); } +#endif } else { +#ifndef DISABLED_FOR_FRAMAC if(verbose>0) { log_info("FAT32 at %u/%u/%u\n", 
@@ -699,31 +761,41 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p offset2head(disk_car,partition->part_offset), offset2sector(disk_car,partition->part_offset)); } +#endif if(fat_sectors(fat_header)!=0) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_SIZE); log_error(msg_CHKFAT_SIZE); +#endif return 1; } if(get_dir_entries(fat_header)!=0) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_ENTRY); log_error(msg_CHKFAT_ENTRY); +#endif return 1; } +#ifndef DISABLED_FOR_FRAMAC if((fat_header->version[0]!=0) || (fat_header->version[1]!=0)) { screen_buffer_add(msg_CHKFAT_BADFAT32VERSION); log_error(msg_CHKFAT_BADFAT32VERSION); } +#endif if((le32(fat_header->root_cluster)<2) ||(le32(fat_header->root_cluster)>=2+no_of_cluster)) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add("Bad root_cluster\n"); log_error("Bad root_cluster\n"); +#endif return 1; } start_rootdir=start_data+(uint64_t)(le32(fat_header->root_cluster)-2)*fat_header->sectors_per_cluster; fat_length_calc=((no_of_cluster+2+fat_sector_size(fat_header)/4-1)*4/fat_sector_size(fat_header)); +#ifndef DISABLED_FOR_FRAMAC if(memcmp(buffer+FAT_NAME2,"FAT32 ",8)!=0) { screen_buffer_add("Should be marked as FAT32\n"); 
@@ -739,27 +811,33 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p screen_buffer_add("Warning: Unusual drive number (0x%02x!=0x80)\n", fat_header->BS_DrvNum); log_warning("Warning: Unusual drive number (0x%02x!=0x80)\n", fat_header->BS_DrvNum); } +#endif } if(partition->part_size>0) { if(part_size > partition->part_size/fat_sector_size(fat_header)) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add( "Error: size boot_sector %lu > partition %lu\n", (long unsigned)part_size, (long unsigned)(partition->part_size/fat_sector_size(fat_header))); log_error("test_FAT size boot_sector %lu > partition %lu\n", (long unsigned)part_size, (long unsigned)(partition->part_size/fat_sector_size(fat_header))); +#endif return 1; } else { +#ifndef DISABLED_FOR_FRAMAC if(verbose>0 && part_size!=partition->part_size) log_info("Info: size boot_sector %lu, partition %lu\n", (long unsigned)part_size, (long unsigned)(partition->part_size/fat_sector_size(fat_header))); +#endif } } +#ifndef DISABLED_FOR_FRAMAC if(verbose>0) { log_info("FAT1 : %lu-%lu\n", (long unsigned)start_fat1, (long unsigned)(start_fat1+fat_length-1)); @@ -773,13 +851,17 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p log_info("no_of_cluster : %lu (2 - %lu)\n", no_of_cluster,no_of_cluster+1); log_info("fat_length %lu calculated %lu\n",fat_length,fat_length_calc); } +#endif if(fat_length<fat_length_calc) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add(msg_CHKFAT_SECTPFAT); +#endif return 1; } if(fat_header->fats>1) comp_FAT(disk_car,partition,fat_length,le16(fat_header->reserved)); +#ifndef DISABLED_FOR_FRAMAC if(le16(fat_header->heads)!=disk_car->geom.heads_per_cylinder) { screen_buffer_add("Warning: number of heads/cylinder mismatches %u (FAT) != %u (HD)\n", 
@@ -794,6 +876,7 @@ int test_FAT(disk_t *disk_car, const struct fat_boot_sector *fat_header, const p log_warning("sect/track %u (FAT) != %u (HD)\n", le16(fat_header->secs_track), disk_car->geom.sectors_per_head); } +#endif return 0; } @@ -819,24 +902,30 @@ int comp_FAT(disk_t *disk, const partition_t *partition, const unsigned long int reste-=read_size; if((unsigned)disk->pread(disk, buffer, read_size, hd_offset) != read_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("comp_FAT: can't read FAT1\n"); +#endif free(buffer2); free(buffer); return 1; } if((unsigned)disk->pread(disk, buffer2, read_size, hd_offset2) != read_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("comp_FAT: can't read FAT2\n"); +#endif free(buffer2); free(buffer); return 1; } if(memcmp(buffer, buffer2, read_size)!=0) { +#ifndef DISABLED_FOR_FRAMAC log_error("FAT differs, FAT sectors=%lu-%lu/%lu\n", (unsigned long) ((hd_offset-partition->part_offset)/disk->sector_size-sect_res), (unsigned long) ((hd_offset-partition->part_offset+read_size)/disk->sector_size-sect_res), - fat_size); + fat_size); +#endif free(buffer2); free(buffer); return 1; @@ -852,12 +941,14 @@ int comp_FAT(disk_t *disk, const partition_t *partition, const unsigned long int unsigned long int fat32_get_free_count(const unsigned char *boot_fat32, const unsigned int sector_size) { const struct fat_fsinfo *fsinfo=(const struct fat_fsinfo *)&boot_fat32[sector_size]; + /*@ assert \valid_read(fsinfo); */ return le32(fsinfo->freecnt); } unsigned long int fat32_get_next_free(const unsigned char *boot_fat32, const unsigned int sector_size) { const struct fat_fsinfo *fsinfo=(const struct fat_fsinfo *)&boot_fat32[sector_size]; + /*@ assert \valid_read(fsinfo); */ return le32(fsinfo->nextfree); } 
@@ -871,6 +962,7 @@ unsigned long int fat32_get_next_free(const unsigned char *boot_fat32, const uns @*/ static int fat_has_EFI_entry(disk_t *disk, const partition_t *partition, const int verbose) { +#ifndef DISABLED_FOR_FRAMAC dir_data_t dir_data; struct td_list_head *file_walker = NULL; file_info_t dir_list; @@ -891,6 +983,7 @@ static int fat_has_EFI_entry(disk_t *disk, const partition_t *partition, const i } delete_list_file(&dir_list); dir_data.close(&dir_data); +#endif return 0; } @@ -909,6 +1002,7 @@ int recover_FAT(disk_t *disk_car, const struct fat_boot_sector*fat_header, parti switch(partition->upart_type) { case UP_FAT12: +#ifndef DISABLED_FOR_FRAMAC if(verbose||dump_ind) { log_info("\nFAT12 at %u/%u/%u\n", @@ -916,10 +1010,12 @@ int recover_FAT(disk_t *disk_car, const struct fat_boot_sector*fat_header, parti offset2head(disk_car,partition->part_offset), offset2sector(disk_car,partition->part_offset)); } +#endif partition->part_type_i386=P_12FAT; partition->part_type_gpt=GPT_ENT_TYPE_MS_BASIC_DATA; break; case UP_FAT16: +#ifndef DISABLED_FOR_FRAMAC if(verbose||dump_ind) { log_info("\nFAT16 at %u/%u/%u\n", @@ -927,6 +1023,7 @@ int recover_FAT(disk_t *disk_car, const struct fat_boot_sector*fat_header, parti offset2head(disk_car,partition->part_offset), offset2sector(disk_car,partition->part_offset)); } +#endif if(fat_sectors(fat_header)!=0) partition->part_type_i386=P_16FAT; else if(offset2cylinder(disk_car,partition->part_offset+partition->part_size-1)<=1024) @@ -936,6 +1033,7 @@ int recover_FAT(disk_t *disk_car, const struct fat_boot_sector*fat_header, parti partition->part_type_gpt=GPT_ENT_TYPE_MS_BASIC_DATA; break; case UP_FAT32: +#ifndef DISABLED_FOR_FRAMAC if(verbose||dump_ind) { log_info("\nFAT32 at %u/%u/%u\n", 
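Review bot: With the whole body of fat_has_EFI_entry placed under `#ifndef DISABLED_FOR_FRAMAC`, the analysed function is reduced to `return 0;`. Whatever its ACSL contract states (it ends just above the hunk) is therefore proven against a stub, not against the directory walk that ships. I would say so at the guard, e.g. `/* Frama-C: body stubbed out, the contract is not verified for the real implementation */`, so that a reader of the proof results does not take the function as verified.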
@@ -943,6 +1041,7 @@ int recover_FAT(disk_t *disk_car, const struct fat_boot_sector*fat_header, parti offset2head(disk_car,partition->part_offset), offset2sector(disk_car,partition->part_offset)); } +#endif if(offset2cylinder(disk_car,partition->part_offset+partition->part_size-1)<=1024) partition->part_type_i386=P_32FAT; else @@ -956,7 +1055,9 @@ int recover_FAT(disk_t *disk_car, const struct fat_boot_sector*fat_header, parti } break; default: +#ifndef DISABLED_FOR_FRAMAC log_critical("recover_FAT unknown FAT type\n"); +#endif return 1; } if(memcmp(partition->fsname,"EFI",4)==0) @@ -1004,18 +1105,22 @@ int check_OS2MB(disk_t *disk, partition_t *partition, const int verbose) unsigned char *buffer=(unsigned char *)MALLOC(disk->sector_size); if((unsigned)disk->pread(disk, buffer, disk->sector_size, partition->part_offset) != disk->sector_size) { +#ifndef DISABLED_FOR_FRAMAC screen_buffer_add("check_OS2MB: Read error\n"); log_error("check_OS2MB: Read error\n"); +#endif free(buffer); return 1; } if(test_OS2MB(disk,(const struct fat_boot_sector *)buffer,partition,verbose,0)!=0) { +#ifndef DISABLED_FOR_FRAMAC if(verbose>0) { log_info("\n\ntest_OS2MB()\n"); log_partition(disk, partition); } +#endif free(buffer); return 1; } @@ -1148,7 +1253,9 @@ int fat32_free_info(disk_t *disk_car,const partition_t *partition, const unsigne { if((unsigned)disk_car->pread(disk_car, buffer, disk_car->sector_size, hd_offset) != disk_car->sector_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("fat32_free_info read error\n"); +#endif *next_free=0xFFFFFFFF; *free_count=0xFFFFFFFF; return 1; @@ -1163,7 +1270,9 @@ int fat32_free_info(disk_t *disk_car,const partition_t *partition, const unsigne *next_free=prev_cluster; } } +#ifndef DISABLED_FOR_FRAMAC log_info("next_free %u, free_count %u\n",*next_free,*free_count); +#endif free(buffer); return 0; } 
@@ -1173,6 +1282,7 @@ int check_VFAT_volume_name(const char *name, const unsigned int max_size) unsigned int i; /*@ @ loop assigns i; + @ loop variant max_size - i; @*/ for(i=0; i<max_size && name[i]!='\0'; i++) { @@ -64,30 +64,35 @@ int set_next_cluster(disk_t *disk, const partition_t *partition, const upart_typ /*@ @ requires \valid_read(partition); + @ terminates \true; @ assigns \nothing; @*/ int is_fat(const partition_t *partition); /*@ @ requires \valid_read(partition); + @ terminates \true; @ assigns \nothing; @*/ int is_part_fat(const partition_t *partition); /*@ @ requires \valid_read(partition); + @ terminates \true; @ assigns \nothing; @*/ int is_part_fat12(const partition_t *partition); /*@ @ requires \valid_read(partition); + @ terminates \true; @ assigns \nothing; @*/ int is_part_fat16(const partition_t *partition); /*@ @ requires \valid_read(partition); + @ terminates \true; @ assigns \nothing; @*/ int is_part_fat32(const partition_t *partition); @@ -115,13 +120,15 @@ unsigned int fat32_get_prev_cluster(disk_t *disk, const partition_t *partition, int fat32_free_info(disk_t *disk, const partition_t *partition, const unsigned int fat_offset, const unsigned int no_of_cluster, unsigned int *next_free, unsigned int *free_count); /*@ - @ requires \valid_read(boot_fat32 + (0 .. sector_size-1)); + @ requires \valid_read(boot_fat32 + (0 .. sector_size + 512 -1)); + @ terminates \true; @ assigns \nothing; @*/ unsigned long int fat32_get_free_count(const unsigned char *boot_fat32, const unsigned int sector_size); /*@ - @ requires \valid_read(boot_fat32 + (0 .. sector_size-1)); + @ requires \valid_read(boot_fat32 + (0 .. sector_size + 512 -1)); + @ terminates \true; @ assigns \nothing; @*/ unsigned long int fat32_get_next_free(const unsigned char *boot_fat32, const unsigned int sector_size); 
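Review bot: The new precondition `\valid_read(boot_fat32 + (0 .. sector_size + 512 -1))` on fat32_get_free_count and fat32_get_next_free hard-codes 512 as the extent of the structure read at `&boot_fat32[sector_size]`. If that number stands for the size of `struct fat_fsinfo`, writing the bound as `sector_size + sizeof(struct fat_fsinfo) - 1` keeps the contract tied to the cast in fat.c; otherwise a one-line comment explaining the 512 would help. The precondition is only checked under Frama-C, so a caller passing fewer than `sector_size + 512` bytes still reads past its buffer in a normal build. The call sites are not visible in this part of the diff.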
@@ -178,6 +185,7 @@ int check_OS2MB(disk_t *disk, partition_t *partition, const int verbose); /*@ @ requires \valid_read(name); + @ terminates \true; @ assigns \nothing; @*/ int check_VFAT_volume_name(const char *name, const unsigned int max_size); diff --git a/src/fat_dir.c b/src/fat_dir.c index 6869d4c7..099bace7 100644 --- a/src/fat_dir.c +++ b/src/fat_dir.c @@ -91,7 +91,10 @@ static void dir_partition_fat_close(dir_data_t *dir_data); @*/ static inline void fat16_towchar(wchar_t *dst, const uint8_t *src, size_t len) { - /*@ loop assigns len, *dst, dst, src; */ + /*@ + @ loop assigns len, *dst, dst, src; + @ loop variant len; + @*/ while (len--) { *dst++ = src[0] | (src[1] << 8); src += 2; @@ -333,7 +336,10 @@ RecEnd: typedef enum {FAT_FOLLOW_CLUSTER, FAT_NEXT_FREE_CLUSTER, FAT_NEXT_CLUSTER} fat_method_t; -/*@ assigns \nothing; */ +/*@ + @ terminates \true; + @ assigns \nothing; + @*/ static int is_EOC(const unsigned int cluster, const upart_type_t upart_type) { if(upart_type==UP_FAT12) @@ -363,12 +369,16 @@ static int fat_dir(disk_t *disk_car, const partition_t *partition, dir_data_t *d unsigned int cluster=first_cluster; if(fat_header->sectors_per_cluster<1) { +#ifndef DISABLED_FOR_FRAMAC log_error("FAT: Can't list files, bad cluster size.\n"); +#endif return -1; } if(fat_sector_size(fat_header)==0) { +#ifndef DISABLED_FOR_FRAMAC log_error("FAT: Can't list files, bad sector size.\n"); +#endif return -1; } if(cluster==0) 
@@ -377,14 +387,18 @@ static int fat_dir(disk_t *disk_car, const partition_t *partition, dir_data_t *d return fat1x_rootdir(disk_car, partition, dir_data, fat_header, dir_list); if(le32(fat_header->root_cluster)<2) { +#ifndef DISABLED_FOR_FRAMAC log_error("FAT32: Can't list files, bad root cluster.\n"); +#endif return -1; } cluster=le32(fat_header->root_cluster); } if(get_next_cluster(disk_car, partition, partition->upart_type, le16(fat_header->reserved), cluster)==0) { +#ifndef DISABLED_FOR_FRAMAC log_warning("FAT: Directory entry is marked as free.\n"); +#endif } { const unsigned int cluster_size=fat_header->sectors_per_cluster * fat_sector_size(fat_header); @@ -407,11 +421,15 @@ static int fat_dir(disk_t *disk_car, const partition_t *partition, dir_data_t *d const uint64_t start=partition->part_offset+(uint64_t)(start_data+(cluster-2)*fat_header->sectors_per_cluster)*fat_sector_size(fat_header); // if(dir_data->verbose>0) { +#ifndef DISABLED_FOR_FRAMAC log_info("FAT: cluster=%u(0x%x), pos=%lu\n",cluster,cluster,(long unsigned)(start/fat_sector_size(fat_header))); +#endif } if((unsigned)disk_car->pread(disk_car, buffer_dir + (uint64_t)cluster_size * nbr_cluster, cluster_size, start) != cluster_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("FAT: Can't read directory cluster.\n"); +#endif stop=1; } if(stop==0 && nbr_cluster==0 && @@ -465,10 +483,12 @@ static int fat1x_rootdir(disk_t *disk_car, const partition_t *partition, const d const unsigned int root_size=(get_dir_entries(fat_header)*32+disk_car->sector_size-1)/disk_car->sector_size*disk_car->sector_size; if(root_size==0) return -1; +#ifndef DISABLED_FOR_FRAMAC if(dir_data->verbose>1) { log_trace("fat1x_rootdir root_size=%u sectors\n",root_size/disk_car->sector_size); } +#endif { int res; uint64_t start; 
@@ -477,7 +497,9 @@ static int fat1x_rootdir(disk_t *disk_car, const partition_t *partition, const d start=partition->part_offset+(uint64_t)((le16(fat_header->reserved)+fat_header->fats*le16(fat_header->fat_length))*disk_car->sector_size); if((unsigned)disk_car->pread(disk_car, buffer_dir, root_size, start) != root_size) { +#ifndef DISABLED_FOR_FRAMAC log_error("FAT 1x: Can't read root directory.\n"); +#endif /* Don't return yet, it may have been a partial read */ } res=dir_fat_aux(buffer_dir, root_size, dir_data->param, dir_list); @@ -494,7 +516,9 @@ dir_partition_t dir_partition_fat_init(disk_t *disk_car, const partition_t *part buffer=(unsigned char*)MALLOC(0x200); if(disk_car->pread(disk_car, buffer, 0x200, partition->part_offset) != 0x200) { +#ifndef DISABLED_FOR_FRAMAC log_error("Can't read FAT boot sector.\n"); +#endif free(buffer); return DIR_PART_EIO; } @@ -552,7 +576,9 @@ static copy_file_t fat_copy(disk_t *disk_car, const partition_t *partition, dir_ f_out=fopen_local(&new_file, dir_data->local_dir, dir_data->current_directory); if(!f_out) { +#ifndef DISABLED_FOR_FRAMAC log_critical("Can't create file %s: \n",new_file); +#endif free(new_file); free(buffer_file); return CP_CREATE_FAILED; @@ -563,11 +589,16 @@ static copy_file_t fat_copy(disk_t *disk_car, const partition_t *partition, dir_ start_fat1=le16(fat_header->reserved); start_data=start_fat1+fat_header->fats*fat_length+(get_dir_entries(fat_header)*32+disk_car->sector_size-1)/disk_car->sector_size; no_of_cluster=(part_size-start_data)/sectors_per_cluster; +#ifndef DISABLED_FOR_FRAMAC log_trace("fat_copy dst=%s first_cluster=%u (%llu) size=%lu\n", new_file, cluster, (long long unsigned)start_data+(cluster-2)*sectors_per_cluster, (long unsigned)file_size); +#endif + /*@ + @ loop variant file_size; + @*/ while(cluster>=2 && cluster<=no_of_cluster+2 && file_size>0) { const uint64_t start=partition->part_offset+(uint64_t)(start_data+(cluster-2)*sectors_per_cluster)*fat_sector_size(fat_header); 
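Review bot: The added `loop variant file_size;` on the fat_copy loop holds only if every iteration strictly decreases `file_size`, which requires the per-iteration read length to be non-zero. Most of the loop body lies outside this hunk, so that cannot be confirmed from here. If the cluster size computed from the boot sector can be 0, `file_size` never shrinks and termination then depends on the cluster chain alone. Consider stating the assumption next to the variant, e.g. `/*@ assert toread > 0; */` once `toread` is computed, or rejecting a zero cluster size before entering the loop.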
@@ -576,11 +607,15 @@ static copy_file_t fat_copy(disk_t *disk_car, const partition_t *partition, dir_ toread = file_size; if((unsigned)disk_car->pread(disk_car, buffer_file, toread, start) != toread) { +#ifndef DISABLED_FOR_FRAMAC log_error("fat_copy: Can't read cluster %u.\n", cluster); +#endif } if(fwrite(buffer_file, 1, toread, f_out) != toread) { +#ifndef DISABLED_FOR_FRAMAC log_error("fat_copy: failed to write data %s\n", strerror(errno)); +#endif fclose(f_out); set_date(new_file, file->td_atime, file->td_mtime); free(new_file); diff --git a/src/fidentify.c b/src/fidentify.c index 06ba66cf..6bc2dbf2 100644 --- a/src/fidentify.c +++ b/src/fidentify.c @@ -79,8 +79,8 @@ static data_check_t data_check_wrapper(const unsigned char *buffer, const unsign data_check_t tmp; /*@ assert \valid(file_recovery); */ /*@ assert valid_file_recovery(file_recovery); */ + /*@ split file_recovery->data_check; */ /*@ assert \valid_function(file_recovery->data_check); */ - //@ split file_recovery->data_check; tmp=file_recovery->data_check(buffer, buffer_size, file_recovery); /*@ assert valid_file_recovery(file_recovery); */ /*@ assert valid_data_check_result(tmp, file_recovery); */ @@ -109,7 +109,10 @@ static data_check_t data_check_aux(file_recovery_t *file_recovery, const unsigne /*@ @ loop invariant valid_file_recovery(file_recovery); @ loop invariant file_recovery == \at(file_recovery, Pre); + @ loop invariant \valid_read(buffer_start + (0 .. blocksize + READ_SIZE - 1)); @ loop invariant file_recovery->calculated_file_size < PHOTOREC_MAX_FILE_SIZE; + @ loop invariant file_recovery->file_size < PHOTOREC_MAX_FILE_SIZE; + @ loop invariant \valid_function(file_recovery->data_check); @ loop invariant \separated(file_recovery, &errno, buffer_start + (..)); @ loop assigns *file_recovery->handle, errno; @ loop assigns buffer_start[0 .. blocksize + READ_SIZE -1]; diff --git a/src/file_bmp.c b/src/file_bmp.c index 9d8b1df8..7bb6a64b 100644 --- a/src/file_bmp.c +++ b/src/file_bmp.c 
@@ -101,7 +101,10 @@ struct bmp_header // ensures (\result == 1) ==> \separated(file_recovery_new, file_recovery_new->extension); static int header_check_bmp(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new) { + /*@ assert \valid_read(buffer+(0..buffer_size-1)); */ + /*@ assert \initialized(buffer+(0..buffer_size-1)); */ const struct bmp_header *bm=(const struct bmp_header *)buffer; + /*@ assert \valid_read(bm); */ if(buffer[0]!='B' || buffer[1]!='M') return 0; if(bm->reserved!=0) @@ -116,6 +119,8 @@ static int header_check_bmp(const unsigned char *buffer, const unsigned int buff { /* See http://en.wikipedia.org/wiki/BMP_file_format */ reset_file_recovery(file_recovery_new); + /*@ assert file_recovery_new->file_stat == \null; */ + /*@ assert file_recovery_new->handle == \null; */ file_recovery_new->extension=file_hint_bmp.extension; file_recovery_new->min_filesize=65; file_recovery_new->calculated_file_size=(uint64_t)le32(bm->size); @@ -129,6 +134,7 @@ static int header_check_bmp(const unsigned char *buffer, const unsigned int buff /*@ assert file_recovery_new->file_check == &file_check_size; */ /*@ assert valid_read_string(file_recovery_new->extension); */ /*@ assert \initialized(&file_recovery_new->time); */ + /*@ assert valid_file_recovery(file_recovery_new); */ return 1; } return 0; diff --git a/src/file_jpg.c b/src/file_jpg.c index 45e668d9..99fbba42 100644 --- a/src/file_jpg.c +++ b/src/file_jpg.c 
@@ -881,9 +881,12 @@ static time_t jpg_get_date(const unsigned char *buffer, const unsigned int buffe @*/ static int header_check_jpg(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new) { + /*@ assert valid_header_check_param(buffer, buffer_size, safe_header_only, file_recovery, file_recovery_new); */ unsigned int i=2; time_t jpg_time=0; /*@ + @ loop invariant \valid_read(buffer+(0..buffer_size-1)); + @ loop invariant \initialized(buffer+(0..buffer_size-1)); @ loop assigns i, jpg_time; @ loop variant buffer_size - (i+4); @*/ diff --git a/src/file_sig.c b/src/file_sig.c index e5316cd7..e9e57e6b 100644 --- a/src/file_sig.c +++ b/src/file_sig.c @@ -421,6 +421,7 @@ static unsigned int str_uint(char **ptr) } /*@ + @ terminates \true; @ assigns \nothing; @ */ static unsigned char escaped_char(const unsigned char c) @@ -443,6 +444,7 @@ static unsigned char escaped_char(const unsigned char c) } /*@ + @ terminates \true; @ ensures 0 <= \result <= 0x10; @ assigns \nothing; @*/ @@ -458,6 +460,7 @@ static unsigned int load_hex1(const unsigned char c) } /*@ + @ terminates \true; @ ensures 0 <= \result <= 0x100; @ assigns \nothing; @*/ diff --git a/src/file_tar.c b/src/file_tar.c index 89a1ea30..452534b6 100644 --- a/src/file_tar.c +++ b/src/file_tar.c 
@@ -116,9 +116,11 @@ int is_valid_tar_header(const struct tar_posix_header *h) @*/ static int header_check_tar(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new) { + /*@ assert valid_header_check_param(buffer, buffer_size, safe_header_only, file_recovery, file_recovery_new); */ const struct tar_posix_header *h = (const struct tar_posix_header *)buffer; if(is_valid_tar_header(h) == 0) return 0; + /*@ assert \valid_read(file_recovery); */ if(file_recovery->file_stat != NULL && file_recovery->file_stat->file_hint == &file_hint_tar) { /* header_ignored(file_recovery_new); is useless as there is no file check */ diff --git a/src/fnctdsk.c b/src/fnctdsk.c index ea0dcd49..50aea70d 100644 --- a/src/fnctdsk.c +++ b/src/fnctdsk.c @@ -40,10 +40,12 @@ /*@ @ requires \valid(part); + @ ensures \valid(\result); @*/ static list_part_t *element_new(partition_t *part) { list_part_t *new_element=(list_part_t*)MALLOC(sizeof(*new_element)); + /*@ assert \valid(new_element); */ new_element->part=part; new_element->prev=new_element->next=NULL; new_element->to_be_removed=0; @@ -143,7 +145,10 @@ list_disk_t *insert_new_disk_aux(list_disk_t *list_disk, disk_t *disk, disk_t ** if(disk==NULL) { if(the_disk!=NULL) + { + /*@ assert \valid(the_disk); */ *the_disk=NULL; + } /*@ assert valid_list_disk(list_disk); */ return list_disk; } @@ -153,7 +158,10 @@ list_disk_t *insert_new_disk_aux(list_disk_t *list_disk, disk_t *disk, disk_t ** { disk->clean(disk); if(the_disk!=NULL) + { + /*@ assert \valid(the_disk); */ *the_disk=found; + } /*@ assert valid_list_disk(list_disk); */ return list_disk; } 
@@ -161,12 +169,15 @@ list_disk_t *insert_new_disk_aux(list_disk_t *list_disk, disk_t *disk, disk_t ** { list_disk_t *tmp; /*@ + @ loop invariant valid_list_disk(list_disk); + @ loop invariant tmp==\null || \valid(tmp); @ loop assigns tmp,prev; @*/ for(tmp=list_disk;tmp!=NULL;tmp=tmp->next) prev=tmp; } new_disk=(list_disk_t *)MALLOC(sizeof(*new_disk)); + /*@ assert \valid(new_disk); */ new_disk->disk=disk; new_disk->prev=prev; new_disk->next=NULL; @@ -175,7 +186,10 @@ list_disk_t *insert_new_disk_aux(list_disk_t *list_disk, disk_t *disk, disk_t ** prev->next=new_disk; } if(the_disk!=NULL) + { + /*@ assert \valid(the_disk); */ *the_disk=disk; + } /*@ assert valid_list_disk(new_disk); */ /*@ assert valid_list_disk(list_disk); */ return (list_disk!=NULL?list_disk:new_disk); @@ -191,8 +205,14 @@ list_part_t *insert_new_partition(list_part_t *list_part, partition_t *part, con list_part_t *prev=NULL; list_part_t *next; *insert_error=0; + /*@ + @ loop invariant valid_list_part(list_part); + @ loop invariant valid_partition(part); + @ loop invariant \valid(insert_error); + @*/ for(next=list_part;;next=next->next) { /* prev new next */ + /*@ assert next == \null || (\valid(next) && valid_partition(next->part)); */ if((next==NULL)|| (part->part_offset<next->part->part_offset) || (part->part_offset==next->part->part_offset && @@ -214,11 +234,13 @@ list_part_t *insert_new_partition(list_part_t *list_part, partition_t *part, con next->part->status=part->status; } *insert_error=1; + /*@ assert valid_list_part(list_part); */ return list_part; } { /* prev new_element next */ list_part_t *new_element; new_element=element_new(part); + /*@ assert \valid(new_element); */ new_element->next=next; new_element->prev=prev; if(next!=NULL) 
@@ -226,8 +248,10 @@ list_part_t *insert_new_partition(list_part_t *list_part, partition_t *part, con if(prev!=NULL) { prev->next=new_element; + /*@ assert valid_list_part(list_part); */ return list_part; } + /*@ assert valid_list_part(new_element); */ return new_element; } } @@ -239,10 +263,17 @@ int delete_list_disk(list_disk_t *list_disk) { list_disk_t *element_disk; int write_used=0; + /*@ + @ loop invariant valid_list_disk(element_disk); + @*/ for(element_disk=list_disk;element_disk!=NULL;) { + /*@ assert \valid_read(element_disk); */ list_disk_t *element_disk_next=element_disk->next; + /*@ assert valid_disk(element_disk->disk); */ write_used|=element_disk->disk->write_used; + /*@ assert \valid_read(element_disk->disk); */ + /*@ assert \valid_function(element_disk->disk->clean); */ element_disk->disk->clean(element_disk->disk); free(element_disk); element_disk=element_disk_next; @@ -257,11 +288,13 @@ list_part_t *sort_partition_list(list_part_t *list_part) list_part_t *next; /*@ assert valid_list_part(new_list_part); */ /*@ + @ loop invariant valid_list_part(list_part); @ loop invariant valid_list_part(new_list_part); @*/ for(element=list_part;element!=NULL;element=next) { int insert_error=0; + /*@ assert \valid(element); */ next=element->next; new_list_part=insert_new_partition(new_list_part, element->part, 0, &insert_error); if(insert_error>0) 
@@ -278,13 +311,17 @@ list_part_t *gen_sorted_partition_list(const list_part_t *list_part) const list_part_t *element; /*@ assert valid_list_part(new_list_part); */ /*@ + @ loop invariant valid_list_part(list_part); @ loop invariant valid_list_part(new_list_part); @*/ for(element=list_part;element!=NULL;element=element->next) { + /*@ assert \valid_read(element); */ + /*@ assert \valid_read(element->part); */ int insert_error=0; if(element->part->status!=STATUS_DELETED) new_list_part=insert_new_partition(new_list_part, element->part, 1, &insert_error); + /*@ assert \valid_read(element); */ } /*@ assert valid_list_part(new_list_part); */ return new_list_part; @@ -329,14 +366,17 @@ int is_part_overlapping(const list_part_t *list_part) return 0; element=list_part; /*@ + @ loop invariant \valid_read(element); @ loop assigns element; @*/ while(1) { - const list_part_t *next=element->next; const partition_t *partition=element->part; + const list_part_t *next=element->next; if(next==NULL) return 0; + /*@ assert \valid_read(partition); */ + /*@ assert \valid_read(next->part); */ if( (partition->part_offset + partition->part_size - 1 >= next->part->part_offset) || ((partition->status==STATUS_PRIM || partition->status==STATUS_PRIM_BOOT || @@ -360,7 +400,7 @@ void partition_reset(partition_t *partition, const arch_fnct_t *arch) partition->part_type_sun=PSUN_UNK; partition->part_type_mac=PMAC_UNK; partition->part_type_xbox=PXBOX_UNK; - partition->part_type_gpt=GPT_ENT_TYPE_UNUSED; + partition->part_type_gpt=(const efi_guid_t)GPT_ENT_TYPE_UNUSED; #ifndef DISABLED_FOR_FRAMAC guid_cpy(&partition->part_uuid, &GPT_ENT_TYPE_UNUSED); #endif @@ -377,7 +417,9 @@ void partition_reset(partition_t *partition, const arch_fnct_t *arch) partition_t *partition_new(const arch_fnct_t *arch) { partition_t *partition=(partition_t *)MALLOC(sizeof(*partition)); + /*@ assert \valid(partition); */ partition_reset(partition, arch); + /*@ assert valid_partition(partition); */ return partition; } 
@@ -390,11 +432,16 @@ static unsigned int get_geometry_from_list_part_aux(const disk_t *disk_car, cons { const list_part_t *element; unsigned int nbr=0; - /*@ loop assigns element, nbr; */ + /*@ + @ loop assigns element, nbr; + @ loop invariant valid_list_part(element); + @*/ for(element=list_part;element!=NULL;element=element->next) { CHS_t start; CHS_t end; + /*@ assert \valid_read(element); */ + /*@ assert \valid_read(element->part); */ offset2CHS(disk_car,element->part->part_offset,&start); offset2CHS(disk_car,element->part->part_offset+element->part->part_size-1,&end); if(start.sector==1 && start.head<=1) @@ -481,6 +528,7 @@ void log_disk_list(list_disk_t *list_disk) log_info("Hard disk list\n"); /*@ @ loop invariant valid_list_disk(list_disk); + @ loop invariant valid_list_disk(element_disk); @*/ for(element_disk=list_disk;element_disk!=NULL;element_disk=element_disk->next) { diff --git a/src/fnctdsk.h b/src/fnctdsk.h index 196aabc2..5393baa1 100644 --- a/src/fnctdsk.h +++ b/src/fnctdsk.h @@ -88,7 +88,7 @@ void offset2CHS(const disk_t *disk_car,const uint64_t offset, CHS_t*CHS); @ requires \valid(disk); @ requires valid_disk(disk); @ requires disk==\null || \separated(disk, \union(list_disk, the_disk)); - @ requires the_disk==\null || (\valid_read(the_disk) && valid_disk(*the_disk) && \separated(the_disk, \union(list_disk, disk))); + @ requires the_disk==\null || (\valid(the_disk) && valid_disk(*the_disk) && \separated(the_disk, \union(list_disk, disk))); @ decreases 0; @*/ // ensures \result==\null || (\valid(\result) && valid_disk(\result->disk)); 
@@ -114,10 +114,9 @@ list_disk_t *insert_new_disk(list_disk_t *list_disk, disk_t *disk_car); @ requires valid_list_part(list_part); @ requires valid_partition(part); @ requires \valid(insert_error); - @ requires (list_part==\null && part==\null) || \separated(list_part, part); - @ requires insert_error==\null || \valid(insert_error); + @ requires (list_part==\null && part==\null) || \separated(list_part, part, insert_error); + @ ensures valid_list_part(\result); @*/ -// ensures valid_list_part(\result); list_part_t *insert_new_partition(list_part_t *list_part, partition_t *part, const int force_insert, int *insert_error); /*@ diff --git a/src/hdaccess.c b/src/hdaccess.c index e82aead1..91ec7915 100644 --- a/src/hdaccess.c +++ b/src/hdaccess.c @@ -36,6 +36,7 @@ #undef HAVE_SCSI_SG_H #undef HAVE_SYS_MOUNT_H #undef HAVE_SYS_PARAM_H +#undef HAVE_SYS_SYSMACROS_H #endif #ifdef HAVE_SYS_STAT_H @@ -315,6 +316,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd list_disk=insert_new_disk(list_disk, file_test_availability(device, verbose, testdisk_mode)); } } +#elif defined(DISABLED_FOR_FRAMAC) #elif defined(TARGET_LINUX) { int j; @@ -329,6 +331,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 8; + @ loop variant 8 - i; @*/ for(i=0;i<8;i++) { @@ -339,6 +342,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= j <= 8; + @ loop variant 8 - j; @*/ for(j=0;j<8;j++) { @@ -346,6 +350,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 8; + @ loop variant 8 - i; @*/ for(i=0;i<8;i++) { 
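Review bot: The `loop variant` clauses added to the enumeration loops in `hd_parse` appear to sit inside the `TARGET_LINUX` branch, which the new empty `#elif defined(DISABLED_FOR_FRAMAC)` branch placed just before it removes from the analysed build. If so, these annotations are never checked, and the device-probing code is not covered by any proof result. The same pattern occurs in log.c, where `dump_log` and `dump2_log` gain `loop variant` clauses and an `#ifndef DISABLED_FOR_FRAMAC` guard around the whole body in one commit. A short comment on the empty branch would make the gap explicit, e.g. `/* Frama-C build: device enumeration is skipped, the loops below are not verified */`. `hd_parse` extends beyond these hunks.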
@@ -356,6 +361,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 8; + @ loop variant 8 - i; @*/ for(i=0;i<8;i++) { @@ -366,6 +372,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 10; + @ loop variant 10 - i; @*/ for(i=0;i<10;i++) { @@ -376,6 +383,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 15; + @ loop variant 15 - i; @*/ for(i=0;i<15;i++) { @@ -386,6 +394,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 4; + @ loop variant 4 - i; @*/ for(i=0;i<4;i++) { @@ -396,6 +405,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 26; + @ loop variant 26 - i; @*/ for(i=0;i<26;i++) { @@ -406,6 +416,7 @@ list_disk_t *hd_parse(list_disk_t *list_disk, const int verbose, const int testd /*@ @ loop invariant valid_list_disk(list_disk); @ loop invariant 0 <= i <= 10; + @ loop variant 10 - i; @*/ for(i=0;i<10;i++) { @@ -971,12 +982,17 @@ void update_disk_car_fields(disk_t *disk_car) #ifdef TARGET_LINUX /*@ @ requires valid_string(buf); + @ requires strlen(buf) < (1<<31); @ ensures valid_string(buf); @*/ static void rtrim(char *buf) { unsigned int i; - /*@ loop assigns i; */ + /*@ + @ loop invariant valid_string(&buf[i]); + @ loop assigns i; + @ loop variant i; + */ for(i=strlen(buf); i>0 && buf[i] == ' '; i--); /*@ assert 0 <= i < strlen(buf); */ buf[i]='\0'; 
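Review bot: The annotations added to `rtrim` decorate a loop that never iterates: it starts at `i=strlen(buf)`, where `buf[i]` is the terminating NUL, so `buf[i] == ' '` is false on the first test. As a result trailing spaces are not trimmed, and the context assert `0 <= i < strlen(buf)` cannot hold because `i` equals `strlen(buf)` on exit. The loop should test the character before the cursor, `for(i=strlen(buf); i>0 && buf[i-1] == ' '; i--);`, with the assert relaxed to `/*@ assert 0 <= i <= strlen(buf); */`. The new `loop invariant valid_string(&buf[i])` and `loop variant i` remain appropriate for the corrected loop. The function's closing lines are outside the hunk.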
@@ -2046,8 +2062,16 @@ void hd_update_all_geometry(const list_disk_t * list_disk, const int verbose) { log_trace("hd_update_all_geometry\n"); } + /*@ + @ loop invariant valid_list_disk(element_disk); + @*/ for(element_disk=list_disk;element_disk!=NULL;element_disk=element_disk->next) + { + /*@ assert \valid(element_disk); */ + /*@ assert valid_disk(element_disk->disk); */ hd_update_geometry(element_disk->disk, verbose); + /*@ assert \valid(element_disk); */ + } } void init_disk(disk_t *disk) diff --git a/src/intrf.c b/src/intrf.c index 180b18d6..d63858ff 100644 --- a/src/intrf.c +++ b/src/intrf.c @@ -68,6 +68,7 @@ int intr_nbr_line=0; int screen_buffer_add(const char *_format, ...) { +#ifndef DISABLED_FOR_FRAMAC char tmp[BUFFER_LINE_LENGTH+1]; const char *start=tmp; va_list ap; @@ -99,6 +100,7 @@ int screen_buffer_add(const char *_format, ...) log_warning("Buffer can't store more than %d lines.\n", MAX_LINES); intr_nbr_line++; } +#endif return 0; } @@ -119,6 +121,9 @@ void screen_buffer_to_log(void) if(intr_buffer_screen[intr_nbr_line][0]!='\0') intr_nbr_line++; /* to log file */ + /*@ + @ loop variant intr_nbr_line - i; + @*/ for(i=0;i<intr_nbr_line;i++) log_info("%s\n",intr_buffer_screen[i]); } @@ -145,7 +150,9 @@ const char *aff_part_aux(const unsigned int newline, const disk_t *disk_car, con const arch_fnct_t *arch=partition->arch; if(arch==NULL) { +#ifndef DISABLED_FOR_FRAMAC log_error("BUG: No arch for a partition\n"); +#endif msg[0]='\0'; return msg; } @@ -211,7 +218,10 @@ const char *aff_part_aux(const unsigned int newline, const disk_t *disk_car, con uint64_t atouint64(const char *nptr) { uint64_t tmp=0; - /*@ loop assigns tmp, nptr; */ + /*@ + @ loop invariant valid_read_string(nptr); + @ loop assigns tmp, nptr; + @*/ while(*nptr >='0' && *nptr <= '9') { tmp = tmp * 10 + *nptr - '0'; 
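Review bot: `atouint64` accumulates `tmp = tmp * 10 + *nptr - '0'` with no bound, so a long run of digits wraps modulo 2^64 silently. The new `loop invariant valid_read_string(nptr)` covers only the pointer, and no `loop variant` is given. Stop before the wrap, for example with `if(tmp > (UINT64_MAX - (uint64_t)(*nptr - '0')) / 10) break;` as the first statement of the loop body. The same accumulation appears in `set_search_start` in photorec.c (`offset=offset * 10 + (*params->cmd_run - '0')`), whose new invariants also leave the value unconstrained. The loop body continues past the end of the hunk.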
@@ -222,6 +232,7 @@ uint64_t atouint64(const char *nptr) uint64_t ask_number_cli(char **current_cmd, const uint64_t val_cur, const uint64_t val_min, const uint64_t val_max, const char * _format, ...) { + /*@ assert \valid(current_cmd); */ if(*current_cmd!=NULL) { uint64_t tmp_val; @@ -266,5 +277,7 @@ void log_CHS_from_LBA(const disk_t *disk_car, const unsigned long int pos_LBA) tmp=pos_LBA/tmp; cylinder=tmp / disk_car->geom.heads_per_cylinder; head=tmp % disk_car->geom.heads_per_cylinder; +#ifndef DISABLED_FOR_FRAMAC log_info("%lu/%lu/%lu", cylinder, head, sector); +#endif } diff --git a/src/intrf.h b/src/intrf.h index dd9cfe30..3b6fd81f 100644 --- a/src/intrf.h +++ b/src/intrf.h @@ -89,6 +89,7 @@ void aff_part_buffer(const unsigned int newline, const disk_t *disk_car, const p uint64_t atouint64(const char *nptr); /*@ + @ requires \valid(current_cmd); @ requires valid_read_string(*current_cmd); @ ensures valid_read_string(*current_cmd); @ assigns *current_cmd; @@ -101,6 +102,7 @@ void screen_buffer_to_log(void); /*@ @ requires \valid_read(partition); @ requires valid_partition(partition); + @ terminates \true; @ assigns \nothing; @*/ int get_partition_status(const partition_t *partition); @@ -60,6 +60,7 @@ static int test_ISO(const struct iso_primary_descriptor *iso) int check_ISO(disk_t *disk_car, partition_t *partition) { unsigned char *buffer=(unsigned char*)MALLOC(ISO_PD_SIZE); + /*@ assert \valid(buffer + (0 .. ISO_PD_SIZE-1)); */ if(disk_car->pread(disk_car, buffer, ISO_PD_SIZE, partition->part_offset + 64 * 512) != ISO_PD_SIZE) { free(buffer); @@ -98,6 +99,8 @@ int recover_ISO(const struct iso_primary_descriptor *iso, partition_t *partition if(test_ISO(iso)!=0) return 1; set_ISO_info(iso, partition); + /*@ assert \valid_read(iso); */ + /*@ assert \valid(partition); */ { const unsigned int volume_space_size_le=le32(iso->volume_space_size_le); const unsigned int volume_space_size_be=be32(iso->volume_space_size_be); 
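Review bot: The contract of `ask_number_cli` in intrf.h now requires `\valid(current_cmd)` alongside the existing `requires valid_read_string(*current_cmd)`, but the body opens with `if(*current_cmd!=NULL)`. Under that precondition the NULL case is excluded, so the other path is never analysed and any caller passing a NULL command violates the contract. If NULL is a legitimate input, as the test suggests, relax the clause to `@ requires *current_cmd == \null || valid_read_string(*current_cmd);` and give the `ensures` the same form. The function body extends beyond the hunk.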
@@ -3,17 +3,17 @@ File: list.h Copyright (C) 2006-2008 Christophe GRENIER <[email protected]> - + This software is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program; if not, write the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. @@ -109,6 +109,7 @@ struct td_list_head { @ requires next->prev == prev; @ requires list_separated(prev, newe); @ requires list_separated(next, newe); + @ terminates \true; @ ensures prev->next == newe; @ ensures newe->prev == prev; @ ensures newe->next == next; @@ -157,6 +158,7 @@ static inline void __td_list_add(struct td_list_head *newe, @ requires finite(head); @ requires finite(head->next); @ requires list_separated(head, newe); + @ terminates \true; @ ensures head->next == newe; @ ensures newe->prev == head; @ ensures newe->next == \old(head->next); @@ -187,6 +189,7 @@ static inline void td_list_add(struct td_list_head *newe, struct td_list_head *h @ requires list_separated(head->prev, newe); @ requires list_separated(head, newe); @ requires finite(head); + @ terminates \true; @ ensures head->prev == newe; @ ensures newe->next == head; @ ensures newe->prev == \old(head->prev); @@ -209,6 +212,7 @@ static inline void td_list_add_tail(struct td_list_head *newe, struct td_list_he @ requires \valid(prev); @ requires \valid(next); @ requires prev == next || \separated(prev,next); + @ terminates \true; @ ensures next->prev == prev; @ ensures prev->next == next; @ assigns next->prev,prev->next; 
@@ -233,6 +237,7 @@ static inline void __td_list_del(struct td_list_head * prev, struct td_list_head @ requires \valid(entry->next); @ requires \separated(entry, \union(entry->prev,entry->next)); @ requires entry->prev == entry->next || \separated(entry->prev,entry->next); + @ terminates \true; @ ensures \old(entry->prev)->next == \old(entry->next); @ ensures \old(entry->next)->prev == \old(entry->prev); @ assigns \old(entry->prev)->next, \old(entry->next)->prev, entry->next, entry->prev; @@ -291,6 +296,7 @@ static inline void td_list_move_tail(struct td_list_head *list, */ /*@ @ requires \valid_read(head); + @ terminates \true; @ assigns \nothing; @*/ static inline int td_list_empty(const struct td_list_head *head) diff --git a/src/list_sort.c b/src/list_sort.c index 1edd7fb8..d82d2810 100644 --- a/src/list_sort.c +++ b/src/list_sort.c @@ -45,6 +45,12 @@ static struct td_list_head *merge( { struct td_list_head head, *tail = &head; + /*@ + @ loop invariant \valid_function(cmp); + @ loop invariant \valid(tail); + @ loop invariant \valid(a); + @ loop invariant \valid(b); + @*/ while (a && b) { /* if equal, take 'a' -- important for sort stability */ if ((*cmp)(a, b) <= 0) { @@ -127,8 +133,8 @@ void td_list_sort(struct td_list_head *head, { struct td_list_head *part[MAX_LIST_LENGTH_BITS+1]; /* sorted partial lists -- last slot is a sentinel */ - int lev; /* index into part[] */ - int max_lev = 0; + unsigned int lev; /* index into part[] */ + unsigned int max_lev = 0; struct td_list_head *list; if (td_list_empty(head)) @@ -139,11 +145,17 @@ void td_list_sort(struct td_list_head *head, head->prev->next = NULL; list = head->next; + /*@ + @ loop invariant \valid_function(cmp); + @*/ while (list) { struct td_list_head *cur = list; list = list->next; cur->next = NULL; + /*@ + @ loop invariant \valid_function(cmp); + @*/ for (lev = 0; part[lev]; lev++) { cur = merge(cmp, part[lev], cur); part[lev] = NULL; 
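Review bot: The invariants `\valid(a)` and `\valid(b)` added to `while (a && b)` in `merge` cannot hold as written. A loop invariant must also be true at the final evaluation of the condition, where one of the two pointers is NULL. They can also fail on entry: in `td_list_sort` the closing loop calls `merge(cmp, part[lev], list)` right after `while (list)` has run to completion, so `list` is NULL on the first call. Write them as `@ loop invariant a == \null || \valid(a);` and `@ loop invariant b == \null || \valid(b);`. The body of `merge` continues outside the hunk.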
@@ -159,6 +171,9 @@ void td_list_sort(struct td_list_head *head, part[lev] = cur; } + /*@ + @ loop invariant \valid_function(cmp); + @*/ for (lev = 0; lev < max_lev; lev++) if (part[lev]) list = merge(cmp, part[lev], list); @@ -225,6 +225,7 @@ int log_redirect(const unsigned int level, const char *format, ...) void dump_log(const void *nom_dump, const unsigned int lng) { +#ifndef DISABLED_FOR_FRAMAC const char *ptr=(const char*)nom_dump; const unsigned int nbr_line=(lng+0x10-1)/0x10; unsigned int i; @@ -233,6 +234,7 @@ void dump_log(const void *nom_dump, const unsigned int lng) /*@ @ loop invariant 0 <= i <= nbr_line; @ loop assigns *log_handle, f_status, i; + @ loop variant nbr_line - i; @*/ for (i=0; i<nbr_line; i++) { @@ -241,6 +243,7 @@ void dump_log(const void *nom_dump, const unsigned int lng) /*@ @ loop invariant 0 <= j <= 0x10; @ loop assigns *log_handle, f_status, j; + @ loop variant 0x10 - j; @*/ for(j=0; j< 0x10;j++) { @@ -260,6 +263,7 @@ void dump_log(const void *nom_dump, const unsigned int lng) /*@ @ loop invariant 0 <= j <= 0x10; @ loop assigns *log_handle, f_status, j; + @ loop variant 0x10 - j; @*/ for(j=0; j< 0x10;j++) { @@ -277,10 +281,12 @@ void dump_log(const void *nom_dump, const unsigned int lng) } log_info("\n"); } +#endif } void dump2_log(const void *dump_1, const void *dump_2, const unsigned int lng) { +#ifndef DISABLED_FOR_FRAMAC const char *ptr1=(const char*)dump_1; const char *ptr2=(const char*)dump_2; const unsigned int nbr_line=(lng+0x08-1)/0x08; @@ -289,6 +295,7 @@ void dump2_log(const void *dump_1, const void *dump_2, const unsigned int lng) /*@ @ loop invariant 0 <= i <= nbr_line; @ loop assigns *log_handle, f_status, i, j; + @ loop variant nbr_line - i; @*/ for (i=0; i<nbr_line; i++) { @@ -296,6 +303,7 @@ void dump2_log(const void *dump_1, const void *dump_2, const unsigned int lng) /*@ @ loop invariant 0 <= j <= 8; @ loop assigns *log_handle, f_status, j; + @ loop variant 0x8 - j; @*/ for(j=0; j<0x08;j++) { 
@@ -313,6 +321,7 @@ void dump2_log(const void *dump_1, const void *dump_2, const unsigned int lng) /*@ @ loop invariant 0 <= j <= 8; @ loop assigns *log_handle, f_status, j; + @ loop variant 0x8 - j; @*/ for(j=0; j<0x08;j++) { @@ -332,6 +341,7 @@ void dump2_log(const void *dump_1, const void *dump_2, const unsigned int lng) /*@ @ loop invariant 0 <= j <= 8; @ loop assigns *log_handle, f_status, j; + @ loop variant 0x8 - j; @*/ for(j=0; j<0x08;j++) { @@ -349,6 +359,7 @@ void dump2_log(const void *dump_1, const void *dump_2, const unsigned int lng) /*@ @ loop invariant 0 <= j <= 8; @ loop assigns *log_handle, f_status, j; + @ loop variant 0x8 - j; @*/ for(j=0; j<0x08;j++) { @@ -366,4 +377,5 @@ void dump2_log(const void *dump_1, const void *dump_2, const unsigned int lng) } log_info("\n"); } +#endif } diff --git a/src/ntfs_dir.c b/src/ntfs_dir.c index 21a57c03..d6fc559f 100644 --- a/src/ntfs_dir.c +++ b/src/ntfs_dir.c @@ -76,7 +76,6 @@ #include "common.h" #include "intrf.h" -#include "ntfs.h" #include "list.h" #include "list_sort.h" #include "dir.h" diff --git a/src/partgpt.c b/src/partgpt.c index cd3f3278..a6e161b8 100644 --- a/src/partgpt.c +++ b/src/partgpt.c @@ -52,10 +52,13 @@ #include "fnctdsk.h" #include "lang.h" #include "intrf.h" +#ifndef DISABLED_FOR_FRAMAC #include "analyse.h" +#endif #include "chgtype.h" #include "partgpt.h" #include "savehdr.h" +#ifndef DISABLED_FOR_FRAMAC #include "apfs.h" #include "bfs.h" #include "exfat.h" @@ -63,11 +66,12 @@ #include "hfs.h" #include "hfsp.h" #include "lvm.h" +#include "md.h" #include "ntfs.h" #include "refs.h" +#endif #include "log.h" #include "log_part.h" -#include "md.h" #include "guid_cmp.h" #include "guid_cpy.h" #include "unicode.h" diff --git a/src/parti386.c b/src/parti386.c index 2c097a16..39c171b7 100644 --- a/src/parti386.c +++ b/src/parti386.c @@ -42,6 +42,7 @@ #include "intrf.h" #include "chgtype.h" #include "savehdr.h" +#ifndef DISABLED_FOR_FRAMAC #include "analyse.h" #include "bfs.h" #include "bsd.h" 
@@ -55,6 +56,7 @@ #include "ntfs.h" #include "sun.h" #include "swap.h" +#endif #include "log.h" #include "parti386.h" #include "partgpt.h" diff --git a/src/partmac.c b/src/partmac.c index 58a88ec6..b05c0f9f 100644 --- a/src/partmac.c +++ b/src/partmac.c @@ -39,7 +39,9 @@ #include "fnctdsk.h" #include "lang.h" #include "intrf.h" +#ifndef DISABLED_FOR_FRAMAC #include "analyse.h" +#endif #include "chgtype.h" #include "partmac.h" #include "savehdr.h" diff --git a/src/partnone.c b/src/partnone.c index 406b7934..df17df44 100644 --- a/src/partnone.c +++ b/src/partnone.c @@ -36,7 +36,9 @@ #include "types.h" #include "common.h" #include "fnctdsk.h" +#if !defined(DISABLED_FOR_FRAMAC) #include "analyse.h" +#endif #include "lang.h" #include "intrf.h" #include "fat_common.h" @@ -118,7 +120,7 @@ static void set_next_status_none(const disk_t *disk_car, partition_t *partition) static int test_structure_none(const list_part_t *list_part); /*@ - @ requires \valid_read(partition); + @ requires \valid(partition); @ assigns partition->upart_type; @*/ static int set_part_type_none(partition_t *partition, unsigned int part_type); @@ -238,6 +240,7 @@ static int get_geometry_from_nonembr(const unsigned char *buffer, const int verb { /* Ugly hack to get geometry from FAT and NTFS */ const struct fat_boot_sector *fat_header=(const struct fat_boot_sector *)buffer; + /*@ assert \valid_read(fat_header); */ if(le16(fat_header->marker)==0xAA55) { if(le16(fat_header->secs_track)>0 && le16(fat_header->secs_track)<=63 && @@ -399,6 +402,8 @@ static void init_structure_none(const disk_t *disk_car,list_part_t *list_part, c list_part_t *element; for(element=list_part;element!=NULL;element=element->next) { + /*@ assert \valid_read(element); */ + /*@ assert \valid(element->part); */ element->part->status=STATUS_PRIM; } } 
@@ -549,11 +554,16 @@ static int check_part_none(disk_t *disk_car,const int verbose,partition_t *parti @*/ static const char *get_partition_typename_none_aux(const unsigned int part_type_none) { - int i; - /*@ loop assigns i; */ + unsigned int i; + /*@ + @ loop assigns i; + @ loop variant sizeof(none_sys_types)/sizeof(struct systypes) - i; + @*/ for (i=0; none_sys_types[i].name!=NULL; i++) + { if (none_sys_types[i].part_type == part_type_none) return none_sys_types[i].name; + } return NULL; } diff --git a/src/partsun.c b/src/partsun.c index eeed60ee..cf61223c 100644 --- a/src/partsun.c +++ b/src/partsun.c @@ -39,7 +39,9 @@ #include "fnctdsk.h" #include "lang.h" #include "intrf.h" +#ifndef DISABLED_FOR_FRAMAC #include "analyse.h" +#endif #include "chgtype.h" #include "sun.h" #include "swap.h" diff --git a/src/phcfg.c b/src/phcfg.c index 9aed55ca..36aa298c 100644 --- a/src/phcfg.c +++ b/src/phcfg.c @@ -184,7 +184,12 @@ int file_options_save(const file_enable_t *files_enable) handle=file_options_save_aux(); if(handle==NULL) return -1; + /*@ + @ loop invariant \valid_read(files_enable); + @*/ for(file_enable=&files_enable[0];file_enable->file_hint!=NULL;file_enable++) + { + /*@ assert \valid_read(file_enable); */ if(file_enable->file_hint->extension!=NULL) { if(file_enable->enable==0) @@ -192,6 +197,7 @@ int file_options_save(const file_enable_t *files_enable) else fprintf(handle, "%s,enable\n", file_enable->file_hint->extension); } + } fclose(handle); return 0; } diff --git a/src/photorec.c b/src/photorec.c index 85bee7a6..8300e91d 100644 --- a/src/photorec.c +++ b/src/photorec.c 
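Review bot: The new `loop variant sizeof(none_sys_types)/sizeof(struct systypes) - i` in `get_partition_typename_none_aux` has no invariant bounding `i`. Neither the variant staying non-negative nor the in-bounds read of `none_sys_types[i]` follows from the annotations; termination actually relies on the table ending with a NULL-name entry. Add `@ loop invariant 0 <= i < sizeof(none_sys_types)/sizeof(struct systypes);`, which is provable only if the last entry is that sentinel. A one-line comment on the table saying the sentinel is required would help too. Changing `i` to `unsigned int` is consistent with this bound.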
@@ -114,7 +114,7 @@ void del_search_space(alloc_data_t *list_search_space, const uint64_t start, con /*@ @ requires \valid(list_search_space); - @ requires new_current_search_space == \null || \valid(*new_current_search_space); + @ requires new_current_search_space == \null || (\valid(new_current_search_space) && \valid(*new_current_search_space)); @ requires offset == \null || \valid(offset); @ decreases end-start; @*/ @@ -129,10 +129,16 @@ static void update_search_space_aux(alloc_data_t *list_search_space, const uint6 #endif if(start > end) return ; + /*@ + @ loop invariant \valid(list_search_space); + @ loop invariant new_current_search_space == \null || (\valid(new_current_search_space) && \valid(*new_current_search_space)); + @ loop invariant offset == \null || \valid(offset); + @*/ td_list_for_each_prev(search_walker, &list_search_space->list) { alloc_data_t *current_search_space; current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(current_search_space); */ #ifdef DEBUG_UPDATE_SEARCH_SPACE log_trace("update_search_space_aux offset=%llu remove [%llu-%llu] in [%llu-%llu]\n", (long long unsigned)(offset==NULL?0:((*offset)/512)), @@ -149,6 +155,7 @@ static void update_search_space_aux(alloc_data_t *list_search_space, const uint6 if(offset!=NULL && new_current_search_space!=NULL && current_search_space->start<=*offset && *offset<=end) { + /*@ assert \valid(new_current_search_space); */ *new_current_search_space=current_search_space; *offset=end+1; } @@ -161,6 +168,7 @@ static void update_search_space_aux(alloc_data_t *list_search_space, const uint6 current_search_space->start<=*offset && *offset<=current_search_space->end) { *new_current_search_space=td_list_next_entry(current_search_space, list); + /*@ assert \valid(*new_current_search_space); */ *offset=(*new_current_search_space)->start; } td_list_del(search_walker); 
@@ -180,6 +188,7 @@ static void update_search_space_aux(alloc_data_t *list_search_space, const uint6 start<=*offset && *offset<=current_search_space->end) { *new_current_search_space=td_list_next_entry(current_search_space, list); + /*@ assert \valid(*new_current_search_space); */ *offset=(*new_current_search_space)->start; } current_search_space->end=start-1; @@ -190,6 +199,7 @@ static void update_search_space_aux(alloc_data_t *list_search_space, const uint6 current_search_space->start<=*offset && *offset<=current_search_space->end) { *new_current_search_space=td_list_next_entry(current_search_space, list); + /*@ assert \valid(*new_current_search_space); */ *offset=(*new_current_search_space)->start; } td_list_del(search_walker); @@ -215,6 +225,7 @@ static void update_search_space_aux(alloc_data_t *list_search_space, const uint6 { alloc_data_t *new_free_space; new_free_space=(alloc_data_t*)MALLOC(sizeof(*new_free_space)); + /*@ assert \valid(new_free_space); */ new_free_space->start=start; new_free_space->end=current_search_space->end; new_free_space->file_stat=NULL; @@ -236,6 +247,7 @@ void init_search_space(alloc_data_t *list_search_space, const disk_t *disk_car, { alloc_data_t *new_sp; new_sp=(alloc_data_t*)MALLOC(sizeof(*new_sp)); + /*@ assert \valid(new_sp); */ new_sp->start=partition->part_offset; new_sp->end=partition->part_offset+partition->part_size-1; if(new_sp->end > disk_car->disk_size-1) 
@@ -253,12 +265,19 @@ void free_list_search_space(alloc_data_t *list_search_space) { struct td_list_head *search_walker = NULL; struct td_list_head *search_walker_next = NULL; + /*@ + @ loop invariant \valid(search_walker); + @ loop invariant \valid(search_walker_next); + @ loop invariant valid_list_search_space(list_search_space); + @*/ td_list_for_each_safe(search_walker,search_walker_next,&list_search_space->list) { alloc_data_t *current_search_space; current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(current_search_space); */ td_list_del(search_walker); free(current_search_space); + /*@ assert \valid(search_walker); */ } } @@ -319,17 +338,23 @@ unsigned int photorec_mkdir(const char *recup_dir, const unsigned int initial_di int get_prev_file_header(const alloc_data_t *list_search_space, alloc_data_t **current_search_space, uint64_t *offset) { int nbr; + /*@ assert \valid(current_search_space); */ alloc_data_t *file_space=*current_search_space; uint64_t size=0; gpfh_nbr++; /* Search backward the first fragment of a file not successfully recovered * Limit the search to 3 fragments or 200MB */ /*@ + @ loop invariant \valid(current_search_space); + @ loop invariant \valid(offset); + @ loop invariant \valid_read(file_space); @ loop assigns nbr, file_space, *current_search_space, *offset; + @ loop variant 3 - nbr; @*/ for(nbr=0; nbr<3 && size < (uint64_t)200*1024*1024; nbr++) { file_space=td_list_prev_entry(file_space, list); + /*@ assert \valid(file_space); */ if(file_space==list_search_space) return -1; /*@ assert file_space->end > file_space->start; */ @@ -352,6 +377,9 @@ void forget(const alloc_data_t *list_search_space, alloc_data_t *current_search_ int nbr=0; if(current_search_space==list_search_space) return ; + /*@ + @ loop invariant \valid(search_walker); + @*/ for(search_walker=¤t_search_space->list; search_walker!=&list_search_space->list; search_walker=prev) 
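Review bot: In `free_list_search_space` the added `/*@ assert \valid(search_walker); */` comes after `free(current_search_space)`, so it asserts validity of memory that has just been released. `search_walker` is the `list` member from which `td_list_entry` derived `current_search_space`, so it presumably points inside that freed block. The assertion is therefore false at that point, and it documents a dangling pointer as usable. Drop it, or move it above `td_list_del(search_walker);` where it holds. If the intent is to show the iteration stays safe, assert on the saved successor instead: `/*@ assert \valid(search_walker_next); */`.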
@@ -361,6 +389,7 @@ void forget(const alloc_data_t *list_search_space, alloc_data_t *current_search_ { alloc_data_t *tmp; tmp=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(tmp); */ td_list_del(&tmp->list); free(tmp); } @@ -392,6 +421,7 @@ unsigned int remove_used_space(disk_t *disk_car, const partition_t *partition, a void update_stats(file_stat_t *file_stats, alloc_data_t *list_search_space) { +#ifndef DISABLED_FOR_FRAMAC struct td_list_head *search_walker = NULL; int i; /* Reset */ @@ -399,17 +429,22 @@ void update_stats(file_stat_t *file_stats, alloc_data_t *list_search_space) @ loop assigns i, file_stats[i].not_recovered; @*/ for(i=0;file_stats[i].file_hint!=NULL;i++) + { + /*@ assert \valid(file_stats[i]); */ file_stats[i].not_recovered=0; + } /* Update */ td_list_for_each(search_walker, &list_search_space->list) { alloc_data_t *current_search_space; current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(current_search_space); */ if(current_search_space->file_stat!=NULL) { current_search_space->file_stat->not_recovered++; } } +#endif } void write_stats_log(const file_stat_t *file_stats) @@ -427,6 +462,7 @@ void write_stats_log(const file_stat_t *file_stats) return ; nbr=i; new_file_stats=(file_stat_t*)MALLOC(nbr*sizeof(file_stat_t)); + /*@ assert \valid(new_file_stats); */ memcpy(new_file_stats, file_stats, nbr*sizeof(file_stat_t)); qsort(new_file_stats, nbr, sizeof(file_stat_t), sorfile_stat_ts); for(i=0;i<nbr;i++) @@ -456,6 +492,8 @@ int sorfile_stat_ts(const void *p1, const void *p2) { const file_stat_t *f1=(const file_stat_t *)p1; const file_stat_t *f2=(const file_stat_t *)p2; + /*@ assert \valid_read(f1); */ + /*@ assert \valid_read(f2); */ /* bigest to lowest */ if(f1->recovered < f2->recovered) return 1; 
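Review bot: The assert added in the reset loop of `update_stats`, `\valid(file_stats[i])`, applies `\valid` to a struct lvalue rather than to a pointer, so it is ill-typed ACSL. It should read `/*@ assert \valid(&file_stats[i]); */`. This goes unnoticed because the same commit wraps the whole body in `#ifndef DISABLED_FOR_FRAMAC`, so the analyser presumably never parses it. The same holds for the asserts added inside `update_blocksize`, `file_block_free` and `file_block_remove_from_sp_aux`: they are annotations in code that is excluded from the verified build.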
@@ -483,14 +521,30 @@ unsigned int find_blocksize(const alloc_data_t *list_search_space, const unsigne *offset=0; if(td_list_empty(&list_search_space->list)) return default_blocksize; - *offset=(td_list_first_entry(&list_search_space->list, alloc_data_t, list))->start % blocksize; + { + const alloc_data_t *tmp=td_list_first_entry(&list_search_space->list, alloc_data_t, list); + /*@ assert \valid_read(tmp); */ + *offset=tmp->start % blocksize; + } + /*@ + @ loop invariant blocksize > 0; + @ loop invariant \valid(offset); + @ loop invariant valid_list_search_space(list_search_space); + @*/ do { const struct td_list_head *search_walker = NULL; run_again=0; + /*@ + @ loop invariant blocksize > 0; + @ loop invariant \valid(offset); + @ loop invariant valid_list_search_space(list_search_space); + @ loop invariant \valid(search_walker); + @*/ td_list_for_each(search_walker, &list_search_space->list) { const alloc_data_t *tmp=td_list_entry_const(search_walker, const alloc_data_t, list); + /*@ assert \valid_read(tmp); */ if(tmp->file_stat!=NULL) { if(tmp->start%blocksize!=*offset && blocksize>default_blocksize) @@ -507,6 +561,7 @@ unsigned int find_blocksize(const alloc_data_t *list_search_space, const unsigne void update_blocksize(const unsigned int blocksize, alloc_data_t *list_search_space, const uint64_t offset) { +#ifndef DISABLED_FOR_FRAMAC struct td_list_head *search_walker; struct td_list_head *search_walker_prev = NULL; log_info("blocksize=%u, offset=%u\n", blocksize, (unsigned int)(offset%blocksize)); 
@@ -515,17 +570,20 @@ void update_blocksize(const unsigned int blocksize, alloc_data_t *list_search_sp { alloc_data_t *current_search_space; current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(current_search_space); */ current_search_space->end=(current_search_space->end+1-offset%blocksize+blocksize-1)/blocksize*blocksize+offset%blocksize-1; } /* Align start of each range */ td_list_for_each_prev_safe(search_walker,search_walker_prev,&list_search_space->list) { alloc_data_t *current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid_read(current_search_space); */ /*@ assert current_search_space->start >= offset; */ const uint64_t aligned_start=(current_search_space->start-offset%blocksize+blocksize-1)/blocksize*blocksize+offset%blocksize; if(current_search_space->start!=aligned_start) { alloc_data_t *prev_search_space=td_list_entry(search_walker_prev, alloc_data_t, list); + /*@ assert \valid_read(prev_search_space); */ if(prev_search_space->end + 1 == current_search_space->start) { /* merge with previous block */ @@ -550,6 +608,7 @@ void update_blocksize(const unsigned int blocksize, alloc_data_t *list_search_sp td_list_for_each_prev_safe(search_walker, search_walker_prev, &list_search_space->list) { alloc_data_t *current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid_read(current_search_space); */ current_search_space->end=(current_search_space->end+1-offset%blocksize)/blocksize*blocksize+offset%blocksize-1; if(current_search_space->start>=current_search_space->end) { @@ -558,6 +617,7 @@ void update_blocksize(const unsigned int blocksize, alloc_data_t *list_search_sp free(current_search_space); } } +#endif } uint64_t free_list_allocation_end=0; 
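Review bot: Two of the asserts added in `update_blocksize` use `\valid_read(current_search_space)` immediately before the code writes through that pointer. In the last loop the next statement is `current_search_space->end=...`, and the first loop of the same function already uses `\valid` for the identical access. Use `/*@ assert \valid(current_search_space); */` in all three loops. The `prev_search_space` assert probably needs the same change if the merge branch below it writes `prev_search_space->end`; that write is outside the hunk. Read-only validity does not cover a store, so the annotation understates what the code needs.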
@@ -567,17 +627,20 @@ uint64_t free_list_allocation_end=0; @*/ static void file_block_free(alloc_list_t *list_allocation) { +#ifndef DISABLED_FOR_FRAMAC struct td_list_head *tmp = NULL; struct td_list_head *tmp_next = NULL; td_list_for_each_safe(tmp,tmp_next,&list_allocation->list) { alloc_list_t *allocated_space; allocated_space=td_list_entry(tmp, alloc_list_t, list); + /*@ assert \valid(allocated_space); */ header_ignored_cond_reset(allocated_space->start, allocated_space->end); free_list_allocation_end=allocated_space->end; td_list_del(tmp); free(allocated_space); } +#endif } /*@ @@ -591,6 +654,7 @@ static void file_block_free(alloc_list_t *list_allocation) @*/ static void file_finish_aux(file_recovery_t *file_recovery, struct ph_param *params, const int paranoid) { +#ifndef DISABLED_FOR_FRAMAC /*@ assert valid_file_recovery(file_recovery); */ /*@ assert file_recovery->file_check == \null || \valid_function(file_recovery->file_check); */ if(params->status!=STATUS_EXT2_ON_SAVE_EVERYTHING && @@ -654,6 +718,7 @@ static void file_finish_aux(file_recovery_t *file_recovery, struct ph_param *par params->status!=STATUS_EXT2_OFF_SAVE_EVERYTHING && file_recovery->file_stat!=NULL) file_recovery->file_stat->recovered++; +#endif } /** file_finish_bf() @@ -746,6 +811,7 @@ void info_list_search_space(const alloc_data_t *list_search_space, const alloc_d { alloc_data_t *tmp; tmp=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(tmp); */ if(tmp->file_stat!=NULL) { nbr_headers++; @@ -778,6 +844,7 @@ void free_search_space(alloc_data_t *list_search_space) { alloc_data_t *current_search_space; current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(current_search_space); */ td_list_del(search_walker); free(current_search_space); } 
@@ -813,12 +880,15 @@ static void set_search_start_aux(alloc_data_t **new_current_search_space, alloc_ { struct td_list_head *search_walker = NULL; /*@ + @ loop invariant \valid(list_search_space); + @ loop invariant \valid(search_walker); @ loop assigns search_walker, *new_current_search_space; @*/ td_list_for_each(search_walker, &list_search_space->list) { alloc_data_t *current_search_space; current_search_space=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(current_search_space); */ if(current_search_space->start<=offset && offset<= current_search_space->end) { *new_current_search_space=current_search_space; @@ -832,6 +902,7 @@ static void set_search_start_aux(alloc_data_t **new_current_search_space, alloc_ uint64_t set_search_start(struct ph_param *params, alloc_data_t **new_current_search_space, alloc_data_t *list_search_space) { + /*@ assert \valid(new_current_search_space); */ uint64_t offset=(*new_current_search_space)->start; if(params->offset!=PH_INVALID_OFFSET) { @@ -842,6 +913,12 @@ uint64_t set_search_start(struct ph_param *params, alloc_data_t **new_current_se { offset=0; skip_comma_in_command(¶ms->cmd_run); + /*@ + @ loop invariant valid_disk(params->disk); + @ loop invariant \valid(params); + @ loop invariant valid_read_string(params->cmd_run); + @ loop assigns offset, params->cmd_run; + @*/ while(*params->cmd_run >= '0' && *params->cmd_run <= '9') { offset=offset * 10 + (*params->cmd_run - '0'); @@ -854,6 +931,7 @@ uint64_t set_search_start(struct ph_param *params, alloc_data_t **new_current_se } /*@ + @ requires \valid(params); @ requires valid_ph_param(params); @ requires params->disk->sector_size > 0; @ requires valid_read_string(params->recup_dir); 
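Review bot: The assertion added at the top of set_search_start (hunk at -832) covers only the outer pointer, while the very next line reads `(*new_current_search_space)->start`. A second assertion, `/*@ assert \valid_read(*new_current_search_space); */`, would state the fact that dereference actually relies on. Whether the function contract already requires it cannot be seen from this hunk.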
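Review bot: The loop annotations added in the hunk at -842 say nothing about the range of `offset`, and `offset=offset * 10 + (*params->cmd_run - '0')` wraps a uint64_t once the digit string in `cmd_run` (presumably user-supplied) is long enough. With `-warn-unsigned-overflow` in FRAMA_C_FLAGS this should surface as a goal that cannot be discharged, and at run time it silently produces a wrong start offset. A guard before the multiplication such as `if(offset > (UINT64_MAX - 9) / 10) break;` bounds it; how to treat the remaining digits is the author's call. The enclosing `if` starts and the function ends outside the hunk.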
@@ -989,6 +1067,7 @@ list_part_t *init_list_part(disk_t *disk, const struct ph_options *options) @*/ static inline void file_block_remove_from_sp_aux(alloc_data_t *tmp, alloc_data_t **new_current_search_space, uint64_t *offset, const unsigned int blocksize) { +#ifndef DISABLED_FOR_FRAMAC if(tmp->start == *offset) { tmp->start+=blocksize; @@ -997,6 +1076,7 @@ static inline void file_block_remove_from_sp_aux(alloc_data_t *tmp, alloc_data_t if(tmp->start <= tmp->end) return ; *new_current_search_space=td_list_next_entry(tmp, list); + /*@ assert \valid(*new_current_search_space); */ *offset=(*new_current_search_space)->start; td_list_del(&tmp->list); free(tmp); @@ -1012,6 +1092,7 @@ static inline void file_block_remove_from_sp_aux(alloc_data_t *tmp, alloc_data_t { alloc_data_t *new_sp; new_sp=(alloc_data_t*)MALLOC(sizeof(*new_sp)); + /*@ assert \valid(new_sp); */ new_sp->start=*offset + blocksize; new_sp->end=tmp->end; new_sp->file_stat=NULL; @@ -1023,6 +1104,7 @@ static inline void file_block_remove_from_sp_aux(alloc_data_t *tmp, alloc_data_t *new_current_search_space=new_sp; *offset += blocksize; } +#endif } /*@ @@ -1033,6 +1115,7 @@ static inline void file_block_remove_from_sp_aux(alloc_data_t *tmp, alloc_data_t @*/ static inline void file_block_remove_from_sp(alloc_data_t *list_search_space, alloc_data_t **new_current_search_space, uint64_t *offset, const unsigned int blocksize) { +#ifndef DISABLED_FOR_FRAMAC struct td_list_head *search_walker = &(*new_current_search_space)->list; if(search_walker!=NULL) { @@ -1057,6 +1140,7 @@ static inline void file_block_remove_from_sp(alloc_data_t *list_search_space, al log_critical("file_block_remove_from_sp(list_search_space, alloc_data_t **new_current_search_space, uint64_t *offset, const unsigned int blocksize) failed\n"); log_flush(); exit(1); +#endif } /*@ 
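Review bot: The `/*@ assert \valid(new_sp); */` added after `MALLOC` in the hunk at -1012 can only hold if MALLOC never returns NULL, and nothing in this hunk establishes that. If MALLOC's declaration already carries such a postcondition the assertion is redundant; if it does not, the assertion stays unproved, and the same line is repeated after every MALLOC call in the hunks at -1077, -1116, -1129, -1163 and -1176. Stating it once on MALLOC, along the lines of `@ ensures \valid(((char *)\result) + (0 .. size - 1));` with `size` standing for its parameter, would keep the call sites clean. All of these call sites also lie inside `DISABLED_FOR_FRAMAC` regions, so the assertions are not examined when the macro is defined.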
@@ -1066,6 +1150,7 @@ static inline void file_block_remove_from_sp(alloc_data_t *list_search_space, al @*/ static inline void file_block_add_to_file(alloc_list_t *list, const uint64_t offset, const uint64_t blocksize, const unsigned int data) { +#ifndef DISABLED_FOR_FRAMAC if(!td_list_empty(&list->list)) { alloc_list_t *prev=td_list_last_entry(&list->list, alloc_list_t, list); @@ -1077,11 +1162,13 @@ static inline void file_block_add_to_file(alloc_list_t *list, const uint64_t off } { alloc_list_t *new_list=(alloc_list_t *)MALLOC(sizeof(*new_list)); + /*@ assert \valid(new_list); */ new_list->start=offset; new_list->end=offset+blocksize-1; new_list->data=data; td_list_add_tail(&new_list->list, &list->list); } +#endif } void file_block_append(file_recovery_t *file_recovery, alloc_data_t *list_search_space, alloc_data_t **new_current_search_space, uint64_t *offset, const unsigned int blocksize, const unsigned int data) @@ -1098,10 +1185,12 @@ static void file_block_truncate_aux(const uint64_t start, const uint64_t end, al struct td_list_head *search_walker = NULL; if(start >= end) return ; +#ifndef DISABLED_FOR_FRAMAC td_list_for_each(search_walker, &list_search_space->list) { alloc_data_t *tmp; tmp=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(tmp); */ if(tmp->start == end + 1 && tmp->file_stat==NULL) { tmp->start=start; @@ -1116,6 +1205,7 @@ static void file_block_truncate_aux(const uint64_t start, const uint64_t end, al { alloc_data_t *new_sp; new_sp=(alloc_data_t*)MALLOC(sizeof(*new_sp)); + /*@ assert \valid(new_sp); */ new_sp->start=start; new_sp->end=end; new_sp->file_stat=NULL; @@ -1129,6 +1219,7 @@ static void file_block_truncate_aux(const uint64_t start, const uint64_t end, al { alloc_data_t *new_sp; new_sp=(alloc_data_t*)MALLOC(sizeof(*new_sp)); + /*@ assert \valid(new_sp); */ new_sp->start=start; new_sp->end=end; new_sp->file_stat=NULL; 
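Review bot: In file_block_truncate_aux (hunk at -1098) the `#ifndef DISABLED_FOR_FRAMAC` opens after `struct td_list_head *search_walker = NULL;`, so the variable is declared but never used when the macro is defined. Moving the guard up to just after the opening brace keeps the analysis build free of unused-variable warnings and makes it obvious that the whole body is excluded. file_block_truncate_zero_aux (hunk at -1149) and file_block_truncate (hunk at -1212, where `next` and `size` are left unused) have the same layout. The function bodies continue outside these hunks.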
@@ -1137,6 +1228,7 @@ static void file_block_truncate_aux(const uint64_t start, const uint64_t end, al new_sp->list.next=&new_sp->list; td_list_add_tail(&new_sp->list, &list_search_space->list); } +#endif } /*@ @@ -1149,10 +1241,12 @@ static void file_block_truncate_zero_aux(const uint64_t start, const uint64_t en struct td_list_head *search_walker = NULL; if(start >= end) return ; +#ifndef DISABLED_FOR_FRAMAC td_list_for_each(search_walker, &list_search_space->list) { alloc_data_t *tmp; tmp=td_list_entry(search_walker, alloc_data_t, list); + /*@ assert \valid(tmp); */ if(tmp->start == end + 1 && tmp->file_stat==NULL) { tmp->start=start; @@ -1163,6 +1257,7 @@ static void file_block_truncate_zero_aux(const uint64_t start, const uint64_t en { alloc_data_t *new_sp; new_sp=(alloc_data_t*)MALLOC(sizeof(*new_sp)); + /*@ assert \valid(new_sp); */ new_sp->start=start; new_sp->end=end; new_sp->file_stat=file_stat; @@ -1176,6 +1271,7 @@ static void file_block_truncate_zero_aux(const uint64_t start, const uint64_t en { alloc_data_t *new_sp; new_sp=(alloc_data_t*)MALLOC(sizeof(*new_sp)); + /*@ assert \valid(new_sp); */ new_sp->start=start; new_sp->end=end; new_sp->file_stat=file_stat; @@ -1184,10 +1280,12 @@ static void file_block_truncate_zero_aux(const uint64_t start, const uint64_t en new_sp->list.next=&new_sp->list; td_list_add_tail(&new_sp->list, &list_search_space->list); } +#endif } static void file_block_truncate_zero(const file_recovery_t *file_recovery, alloc_data_t *list_search_space) { +#ifndef DISABLED_FOR_FRAMAC struct td_list_head *tmp; struct td_list_head *next; int first=1; @@ -1204,6 +1302,7 @@ static void file_block_truncate_zero(const file_recovery_t *file_recovery, alloc td_list_del(tmp); free(element); } +#endif } static int file_block_truncate(const file_recovery_t *file_recovery, alloc_data_t *list_search_space, const unsigned int blocksize) 
@@ -1212,6 +1311,7 @@ static int file_block_truncate(const file_recovery_t *file_recovery, alloc_data_ struct td_list_head *next; uint64_t size=0; int file_truncated=0; +#ifndef DISABLED_FOR_FRAMAC td_list_for_each_safe(tmp, next, &file_recovery->location.list) { alloc_list_t *element=td_list_entry(tmp, alloc_list_t, list); @@ -1235,17 +1335,21 @@ static int file_block_truncate(const file_recovery_t *file_recovery, alloc_data_ size+=(element->end-element->start+1); } } +#endif return file_truncated; } /*@ - @ requires \valid_read(file_recovery); + @ requires valid_file_recovery(file_recovery); + @ terminates \true; @ assigns \nothing; @*/ static uint64_t file_offset_end(const file_recovery_t *file_recovery) { + /*@ assert valid_file_recovery(file_recovery); */ const struct td_list_head *tmp=file_recovery->location.list.prev; const alloc_list_t *element=td_list_entry_const(tmp, const alloc_list_t, list); + /*@ assert \valid_read(element); */ return element->end; } @@ -1259,6 +1363,7 @@ static uint64_t file_offset_end(const file_recovery_t *file_recovery) @*/ static void file_block_move(const file_recovery_t *file_recovery, alloc_data_t *list_search_space, alloc_data_t **new_current_search_space, uint64_t *offset) { +#ifndef DISABLED_FOR_FRAMAC const uint64_t end=file_offset_end(file_recovery); struct td_list_head *tmp; /*@ loop assigns tmp; */ @@ -1273,10 +1378,12 @@ static void file_block_move(const file_recovery_t *file_recovery, alloc_data_t * } } *new_current_search_space=list_search_space; +#endif } void file_block_truncate_and_move(file_recovery_t *file_recovery, alloc_data_t *list_search_space, const unsigned int blocksize, alloc_data_t **new_current_search_space, uint64_t *offset, unsigned char *buffer) { +#ifndef DISABLED_FOR_FRAMAC file_block_truncate(file_recovery, list_search_space, blocksize); file_block_move(file_recovery, list_search_space, new_current_search_space, offset); if(file_recovery->offset_ok > file_recovery->file_size) 
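Review bot: The added `/*@ assert \valid_read(element); */` in file_offset_end (hunk at -1235) rests on `file_recovery->location.list.prev` pointing into a readable alloc_list_t, and the hunk does not show that `valid_file_recovery` says anything about the list links. If it does not, the goal will stay open, and a precondition on the link would make the dependency explicit. It is also worth a comment that for an empty list `prev` is the head itself, so `element` presumably aliases `file_recovery->location` and the function returns the head's `end`, e.g. `/* empty list: element is &file_recovery->location */`. The first added assertion only restates the new `requires` clause and can be dropped.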
@@ -1306,4 +1413,5 @@ void file_block_truncate_and_move(file_recovery_t *file_recovery, alloc_data_t * if(my_fseek(file_recovery->handle, file_recovery->file_size, SEEK_SET) < 0) return ; } +#endif } diff --git a/src/unicode.c b/src/unicode.c index 304cb3b6..65898d12 100644 --- a/src/unicode.c +++ b/src/unicode.c @@ -28,7 +28,7 @@ #include "common.h" #include "unicode.h" -int UCSle2str(char *to, const uint16_t *from, const unsigned int len) +unsigned int UCSle2str(char *to, const uint16_t *from, const unsigned int len) { unsigned int i; /*@ @@ -47,7 +47,7 @@ int UCSle2str(char *to, const uint16_t *from, const unsigned int len) return i; } -int str2UCSle(uint16_t *to, const char *from, const unsigned int len) +unsigned int str2UCSle(uint16_t *to, const char *from, const unsigned int len) { unsigned int i; /*@ diff --git a/src/unicode.h b/src/unicode.h index 5384029c..7d090aa3 100644 --- a/src/unicode.h +++ b/src/unicode.h @@ -32,7 +32,7 @@ extern "C" { @ terminates \true; @ assigns to[0 .. len-1]; @*/ -int UCSle2str(char *to, const uint16_t *from, const unsigned int len); +unsigned int UCSle2str(char *to, const uint16_t *from, const unsigned int len); /*@ @ requires \valid(to + ( 0 .. len-1)); @@ -41,7 +41,7 @@ int UCSle2str(char *to, const uint16_t *from, const unsigned int len); @ terminates \true; @ assigns to[0 .. len-1]; @*/ -int str2UCSle(uint16_t *to, const char *from, const unsigned int len); +unsigned int str2UCSle(uint16_t *to, const char *from, const unsigned int len); #ifdef __cplusplus } /* closing brace for extern "C" */ |
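Review bot: The contracts in unicode.h still give callers no bound on the returned value now that UCSle2str and str2UCSle return `unsigned int`. Since the .c side returns the loop counter `i`, a postcondition such as `@ ensures \result <= len;` on both declarations would let callers reason about how much of `to` was written; the loop bodies are outside the hunks, so the exact bound should be checked against them. Callers that stored the old `int` result or tested it for a negative value are not visible here and deserve a look.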