PhotoRec: Session save/resume unreliable on large disks #4
Description
Problem
The session save/resume mechanism in src/sessionp.c has multiple reliability issues, especially on large disks.
Root Causes
A) Fixed 40KB session buffer (SESSION_MAXSIZE = 40960)
On a 10.9TB disk with thousands of search space regions, the photorec.ses file is limited to 40KB. The region list is written first, then 40KB of zero-padding is appended. If the region list exceeds 40KB, the data is silently truncated or corrupted.
B) No integrity verification
No checksum, no magic bytes, no end-of-data marker. If the system crashes during session_save(), the .ses file may be half-written and undetectable as corrupt.
C) Session file stored in CWD
photorec.ses is written to the current working directory (SESSION_FILENAME "photorec.ses"), not to the recovery destination. If PhotoRec is restarted from a different directory, the session is lost.
D) Checkpoint interval too large
regular_session_save() saves every 5 minutes (or 15 minutes if save takes >30s). A crash loses up to 15 minutes of progress.
Proposed Solution
- Replace fixed 40KB buffer with dynamic sizing based on actual region count
- Add CRC32 checksum and magic header/footer to session file
- Write session file to both CWD and recovery directory
- Write atomic (temp file + rename) to prevent corruption
- Reduce checkpoint interval to 1 minute, or make it configurable
Files
src/sessionp.c/src/sessionp.h