[OpenBIOS] [PATCH] bootinfo_load.c: stop parsing CHRP boot script when NULL is reached

Mark Cave-Ayland mark.cave-ayland at ilande.co.uk
Sun Jun 21 10:23:51 CEST 2015

On 21/06/15 00:44, Segher Boessenkool wrote:

> On Sat, Jun 20, 2015 at 11:07:01PM +0100, Mark Cave-Ayland wrote:
>> +	/* Some bootinfo scripts contain a binary payload after the
>> +	   NULL-terminated Forth string such as OS 9. Restrict our
>> +	   size to just the Forth section, otherwise we end up trying
>> +	   to allocate memory for the entire binary which will fail. */
> "Might fail"?

It depends on how big your binary is. A few 10s of K will be fine,
something that is 2MB+ like OS 9 obviously isn't.

>> +	size = MIN(strlen(base), size);
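Review bot: in `size = MIN(strlen(base), size);` the strlen() call is itself unbounded, so MIN() only clamps the result after any over-read past the `size`-byte region has already happened; a bounded scan such as `size = strnlen(base, size);` avoids that. Note also that strnlen() returns `size` when no NUL lies within the buffer, so if the comment's "binary payload after the NUL-terminated Forth string" case is to be distinguished from an unterminated script, the caller needs to check for that return value explicitly.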
> "MIN" doesn't make terribly much sense here -- if "size" is the smaller
> of the two, strlen() will have done out-of-bounds accesses, and if not,
> you don't need MIN.  Use strnlen() instead?  I.e.
> 	size = strnlen(base, size);

For some reason the PPC OFMEM bindings will automatically allocate a
phys == virt mapping for any unknown address (that's a whole different
story though). Hence, since the loader has already loaded a binary of
size bytes at load-base, this entire region is guaranteed to be accessible.

At some point though, I would like to change this behaviour to map a
fixed (8M) area at load-base instead as per the official specification.
Fortunately it appears that OpenBIOS does have a strnlen() in its mini
libc so I'll use that instead.
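As an added illustration of the bounded-length point debated above, the following is example code written for this page, not OpenBIOS's bootinfo_load.c. It splits a loaded bootinfo image into its NUL-terminated Forth script and the binary payload that may follow it without reading past the loaded size, using memchr() as a standard-C stand-in for strnlen() so it compiles without POSIX feature macros. The helper names, the CHRP script text and the payload bytes are all constructed for the example.

```c
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/*
 * Hypothetical helper (not OpenBIOS code): split a loaded bootinfo image
 * into its NUL-terminated Forth script and any binary payload that
 * follows it, without ever reading past `size` bytes.
 *
 * memchr() behaves like strnlen(base, size): both stop at the first NUL
 * or after `size` bytes, whichever comes first. A plain strlen(base) is
 * only safe if a NUL is guaranteed to lie inside the buffer, which the
 * loader cannot promise for an arbitrary image.
 *
 * Returns the Forth section length and stores the number of bytes after
 * the terminator in *payload_len (0 when no terminator exists, in which
 * case the whole image is treated as script text).
 */
size_t split_bootinfo(const unsigned char *base, size_t size,
                      size_t *payload_len)
{
    const unsigned char *nul = memchr(base, '\0', size);
    size_t forth_len = nul ? (size_t)(nul - base) : size;

    if (payload_len)
        *payload_len = nul ? size - forth_len - 1 : 0;
    return forth_len;
}

/* Constructed sample: a small CHRP boot script followed, as in the OS 9
 * case described above, by an opaque binary blob that itself contains
 * zero bytes (which must not be mistaken for the script terminator). */
static const char sample_script[] =
    "<CHRP-BOOT>\n"
    "<BOOT-SCRIPT>\n"
    "\" screen\" output\n"
    "</BOOT-SCRIPT>\n"
    "</CHRP-BOOT>\n";
static const unsigned char sample_payload[] = {
    0xfe, 0xed, 0xfa, 0xce, 0x00, 0x00, 0x00, 0x12,
    0xde, 0xad, 0xbe, 0xef, 0x00, 0x01, 0x02, 0x03
};

/* Build the image in `buf`: script text, its NUL terminator, then the
 * payload. Returns the total image size, or 0 if `buf` is too small. */
size_t build_sample_image(unsigned char *buf, size_t buflen)
{
    size_t script_len = sizeof(sample_script);    /* includes the NUL */
    size_t total = script_len + sizeof(sample_payload);

    if (buflen < total)
        return 0;
    memcpy(buf, sample_script, script_len);
    memcpy(buf + script_len, sample_payload, sizeof(sample_payload));
    return total;
}

/* Forth length the splitter reports for the constructed image. */
size_t sample_forth_len(void)
{
    unsigned char image[256];
    size_t size = build_sample_image(image, sizeof(image));
    return split_bootinfo(image, size, NULL);
}

/* Payload length the splitter reports for the constructed image. */
size_t sample_payload_len(void)
{
    unsigned char image[256];
    size_t size = build_sample_image(image, sizeof(image));
    size_t payload = 0;
    split_bootinfo(image, size, &payload);
    return payload;
}

/* Edge case: script text that fills the buffer with no terminator. */
size_t unterminated_payload_len(void)
{
    unsigned char image[] = { 'h', 'e', 'x', ' ', '.', ' ' };
    size_t payload = 99;
    split_bootinfo(image, sizeof(image), &payload);
    return payload;
}

int main(void)
{
    size_t forth = sample_forth_len(), payload = sample_payload_len();
    printf("Forth section: %zu bytes, binary payload: %zu bytes\n",
           forth, payload);
    return 0;
}
```

The payload deliberately contains zero bytes after the script's terminator to show that the bounded scan stops at the first NUL and reports everything after it as payload; the unterminated case shows the `size`-without-NUL result that a caller of strnlen() has to decide how to treat.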
