From d4a4764da6b7dd2def00157a1c295cd2a8bf1df7 Mon Sep 17 00:00:00 2001
From: isciurus <isciurus@gmail.com>
Date: Sun, 19 May 2019 14:35:13 -0700
Subject: [PATCH] Fix integer overflow while calculating inode allocation
 status (bitmask)

---
 tsk/fs/xfs.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/tsk/fs/xfs.cpp b/tsk/fs/xfs.cpp
index a917702f3..8d78be7f7 100644
--- a/tsk/fs/xfs.cpp
+++ b/tsk/fs/xfs.cpp
@@ -283,13 +283,14 @@ TSK_FS_META_FLAG_ENUM xfs_inode_getallocflag(
         if(dino_aginum >= irecs[cur_key].ir_startino
             && dino_aginum - irecs[cur_key].ir_startino < 64)
         {
-            if (tsk_verbose) { tsk_fprintf(stderr, "found at cur_inobt_block->bb_level = %u, cur_key = %u, irecs[cur_key].ir_startino = %u, irecs[cur_key].ir_free = %" PRIx64 " \n",
-                cur_inobt_block->bb_level, cur_key, irecs[cur_key].ir_startino, irecs[cur_key].ir_free); }
+            uint8_t rel_inum = dino_aginum - irecs[cur_key].ir_startino;
+
+            if (tsk_verbose) { tsk_fprintf(stderr, "found at cur_inobt_block->bb_level = %u, cur_key = %u, irecs[cur_key].ir_startino = %u, irecs[cur_key].ir_free = %" PRIx64 ", rel_inum = %u \n",
+                cur_inobt_block->bb_level, cur_key, irecs[cur_key].ir_startino, irecs[cur_key].ir_free, rel_inum); }
 
             free(cur_inobt_block);
 
-            uint8_t rel_inum = dino_aginum - irecs[cur_key].ir_startino;
-            if (irecs[cur_key].ir_free & (1 << rel_inum))
+            if (irecs[cur_key].ir_free & ((uint64_t) 1 << rel_inum))
                 return TSK_FS_META_FLAG_UNALLOC;
             else
                 return TSK_FS_META_FLAG_ALLOC;
-- 
GitLab