Sergey Babkin wrote:
>
> "Gary T. Corcoran" wrote:
> >
> > "Jordan K. Hubbard" wrote:
> > >
> > > I'm sitting here in Seoul, Korea (which is very nice, by the way) and
> > > I've just managed to delete all 82 images of Kyoto off the FAT-12 format
> > > Smartcard they were on. Waaaah!
> > >
> >
> > Way back in the Dark Ages I used to hack on FAT-12 code...
> > Going *way* back in the archives - (had to find a 5-1/4 inch floppy
> > drive!) it looks as if there are directory entry attributes at the byte
> > at dirptr+11, and the lower bits (ANDed with 0x1C) should be 0. Otherwise,
> > if I recall (don't have reference books here), there is a bit saying
> > the file is deleted (other bits say subdirectory, system file, etc.)
> > So you may just have to change that one byte (per file) to recover them
> > (in addition to changing the first byte of the file name which you
> > already did).
>
> The clusters in the FAT have to be re-connected. The number of the
> first cluster is still stored in the directory entry, as well as
> directory file size. Then hoping that the files were written sequentially
> you start from that cluster and link together as many free clusters going
> sequentially after it to cover this file size. FAT-12 is an array of
> 12-bit entries, each corresponding to a cluster. An entry contains the
> number of the next cluster in file. The last cluster in a file has some
> special value in its FAT entry, something like 0xFFF or 0xFFE, can't
The last cluster is indicated by any value from 0xff8 to 0xfff. 0xff7
indicates a bad cluster. 0xff0 - 0xff6 mark reserved clusters.
> remember exactly. The unallocated clusters have value like 000 in their
> entries. The cluster size for FAT-12 will probably be equal to one
> sector, that is 512 bytes. At least that's true for diskettes but may be
> different for the Smartcard.
The cluster size is at offset 0xd in the boot sector.
Also, there are usually 2 copies of the FAT, both of which should be
fixed.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
