[SeaBIOS] [PATCH 2/2] block: Check for read/write requests over 64K
Kevin O'Connor
kevin at koconnor.net
Mon Dec 29 16:49:04 CET 2014
The standard BIOS disk read/write request interface should never get a
request for more than 64K of data. Explicitly check for overly large
requests and reject them. This way, the low-level drivers do not need
to check for or attempt to handle very large requests.
Signed-off-by: Kevin O'Connor <kevin at koconnor.net>
---
src/block.c | 4 ++++
src/disk.c | 2 ++
2 files changed, 6 insertions(+)
diff --git a/src/block.c b/src/block.c
index 43af305..3f7ecb1 100644
--- a/src/block.c
+++ b/src/block.c
@@ -485,6 +485,10 @@ process_op(struct disk_op_s *op)
{
ASSERT16();
int ret, origcount = op->count;
+ if (origcount * GET_GLOBALFLAT(op->drive_gf->blksize) > 64*1024) {
+ op->count = 0;
+ return DISK_RET_EBOUNDARY;
+ }
u8 type = GET_GLOBALFLAT(op->drive_gf->type);
switch (type) {
case DTYPE_FLOPPY:
diff --git a/src/disk.c b/src/disk.c
index fe2e2c3..0e0af24 100644
--- a/src/disk.c
+++ b/src/disk.c
@@ -173,6 +173,7 @@ disk_1300(struct bregs *regs, struct drive_s *drive_gf)
struct disk_op_s dop;
dop.drive_gf = drive_gf;
dop.command = CMD_RESET;
+ dop.count = 0;
int status = send_disk_op(&dop);
disk_ret(regs, status);
}
@@ -322,6 +323,7 @@ disk_1310(struct bregs *regs, struct drive_s *drive_gf)
struct disk_op_s dop;
dop.drive_gf = drive_gf;
dop.command = CMD_ISREADY;
+ dop.count = 0;
int status = send_disk_op(&dop);
disk_ret(regs, status);
}
--
1.9.3
More information about the SeaBIOS
mailing list