A bug was introduced by commit d2c7d40a2b :
when the beginning of a file was a hole and the runlist span over several
MFT extents, the runlist was not mapped on filling the initial hole.
This lead to a crash when using torrent to download big files.
The ioctl() function is not implemented in the Windows variant. By forcing
a negative apparent return, an alternative is triggered to get the
partition size which is normally obtained from an ioctl().
In some rare situations relocated runlists are longer than the original
ones and do not fit into the same extent. When this happens the runlist
updating is delayed and done globally. Be sure to use the updated global
bitmap for making the needed allocations.
X509 certificates have a purpose field restricting what the certificate
can be used for, and EFS encryption is such a purpose. Allow EFS encryption
to be at any position in the list.
Windows applies legacy restrictions to file names, so when the option
windows_names is applied, reject the same reserved names, which are
CON, PRN, AUX, NUL, COM1..COM9, and LPT1..LPT9
When the runlist of the data attribute of MFT has to be split across
several extents, the location of each extent has to be known from the
runlist present in previous extents. So, force the first extent into
record 15 to avoid a bad layout.
When a hole in a sparse file was filled, the runlist was fully recomputed.
When a sparse file spans over several MFT extents, this patch leads to
only recompute the runlist from the modified extent to the end.
When ntfsclone'ing to a file, the target file was truncated to the volume
size. This is not useful on file systems which support sparse files. In
the case of ntfs-3g this leads to prevent optimizations specific to
appending data. So when a sparse output file is detected, it is emptied
to benefit from subsequent appending of data.
The upcoming libgrypt-1.6 drops the "module" interface which was used
by ntfsdecrypt for decrypting files which were encrypted with the "DESX"
algorithm. This algorithm is a Microsoft variant of DES with a key size
of 128 bits, and is not natively supported by libgrypt. The module interface
made possible to declare an external algorithm so that all the encryption
modes could be processed the same way whether the algorithm was internal
or external.
This patch makes DESX a specific case, so that the module interface is
not needed any more. It is compatible with current libgrypt and upcoming
libgrypt-1.6
Updating an attribute may imply decompressing runlists which are not
contiguous, leaving an unmapped region between them. When checking whether
the attribute has been made sparse, such unmapped regions should be ignored
This mostly happens after updating an index. (fix by Forrest Liu)
Windows server 2012 apparently uses files with no ACEs in their DACL,
thus denying any access to any process except system backup.
Such DACLs should however be considered valid.
When calling ntfstruncate() to expand a resident attribute, the function
is called again recursively, losing the requirement for not inserting
holes. This is for forwarding the requirement (used by ntfscp).
When testing whether a stream has been wiped out for possibly changing
its compression status, only the non-resident case was considered.
This fixes the test for streams which were never made non-resident.
When trying to undelete a file which was modified several times the
same day, it is difficult to tell which one is the latest unless the
modification time is displayed.