On Fri, 2010-10-01 at 21:36 +0200, Arkadiusz Miskiewicz wrote:
> generate_obfuscated_name() in metadump.c can go into
> never ending loop for some file names. Reproducer below.

The reason it hangs is that the algorithm for computing
a name with the same hash value as the name is stuck with
a portion of the hash whose only possible result includes
the string "/" in it.

The hash for the file "R\323\257NE" is 0x3ab4b3740.
One step in the algorithm is this:

    newname[namelen - 3] = (newhash >> 14) & 0x7f;
    if (is_invalid_char(newname[namelen - 3]))

But the result of that is 0x2f, which is the '/'
character, which is illegal. So this algorithm
will try again indefinitely, never finding a file
name with a matching hash.

I am looking into this a bit more. Will report back
later, probably tomorrow.
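
Added example, not part of the original message or of metadump.c: a small C program that recomputes the byte forced by the quoted step for the reproducer name and flags the case where no retry can succeed. It assumes the XFS directory name hash is "rotate left by 7, XOR in the next byte", that a 5-byte name has no random prefix so newhash equals the target hash on every attempt, and that is_invalid_char() rejects NUL and '/'; name_hash(), forced_byte() and is_dead_end() are hypothetical helper names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Rotate a 32-bit value left by n bits (0 < n < 32). */
static uint32_t rol32(uint32_t v, unsigned n)
{
    return (v << n) | (v >> (32 - n));
}

/* Assumed form of the XFS directory name hash (not shown in the message). */
static uint32_t name_hash(const unsigned char *name, size_t len)
{
    uint32_t h = 0;
    for (size_t i = 0; i < len; i++)
        h = name[i] ^ rol32(h, 7);
    return h;
}

/* Assumed validity rule: NUL and '/' cannot appear in a file name. */
static int is_invalid_char(unsigned char c)
{
    return c == '\0' || c == '/';
}

/* The value the quoted step stores at newname[namelen - 3]. */
static unsigned char forced_byte(uint32_t newhash)
{
    return (newhash >> 14) & 0x7f;
}

/* Nonzero when retrying cannot help: with a 5-byte name (assumption: no
 * random prefix) the forced byte is the same on every attempt. */
static int is_dead_end(const unsigned char *name, size_t len)
{
    return len == 5 && is_invalid_char(forced_byte(name_hash(name, len)));
}

int main(void)
{
    /* Reproducer name from the message: "R\323\257NE". */
    const unsigned char name[] = { 'R', 0323, 0257, 'N', 'E' };
    uint32_t h = name_hash(name, sizeof(name));

    printf("hash=0x%08x forced byte=0x%02x dead end=%d\n",
           (unsigned)h, forced_byte(h), is_dead_end(name, sizeof(name)));
    return 0;
}
```

A check like is_dead_end(), or a cap on the number of retries, lets the caller fall back instead of looping forever on such a name.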