Alexander, good day. Thu, Jul 23, 2009 at 12:29:23PM +0200, Alexander Best wrote: > i just tried to do fsck_msdosfs on my mobile phone's memory card using a usb > connection cable. this is what `file -s` has to say about /dev/da0: > > /dev/da0: x86 boot sector, code offset 0x0, OEM-ID " ", sectors/cluster > 64, reserved sectors 6304, Media descriptor 0xf8, heads 128, hidden sectors > 8192, sectors 7736320 (volumes > 32 MB) , FAT (32 bit), sectors/FAT 944, > reserved3 0x800000, serial number 0x34613466, label: "mem " > > however after issuing the command `fsck_msdosfs /dev/da0` i got the following > error: > > fsck_msdosfs /dev/da0 > ** /dev/da0 > backup doesn't compare to primary bootblock > > i did a bit of research and it seems this bug was supposed to be fixed by > r128463. the problem was that the entire bootblock was compared to the > backupblock. but since only the first 52 bytes of the bootblock are important > many device use the rest of the bootblock for some other purpose. the > following change was made to sbin/fsck_msdosfs/boot.c: > > -- if (memcmp(block, backup, DOSBOOTBLOCKSIZE)) { > ++ if (memcmp(block + 11, backup + 11, 79)) { > > it seems however that the last memcmp argument is still too high. could > somebody with good fat12/16/32 knowledge please look into this? 79 looks sane for the FAT32, see http://www.win.tue.nl/~aeb/linux/fs/fat/fat-1.html For FAT16/FAT12 the size should be 51. Actually, what is now compared is the BIOS parameter block. I'll take a look at the FS forensics book: my memory blocks with FAT remniscents are a bit rusty ;)) -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #Received on Thu Jul 23 2009 - 13:22:28 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:52 UTC