hrev53995 adds 2 changesets to branch 'master'
old head: 6d72c4188e001484e81fe27174cd57a89d266971
new head: 18da5c304219abce11add74e2df0e3e05dc5d48b
overview:
https://git.haiku-os.org/haiku/log/?qt=range&q=18da5c304219+%5E6d72c4188e00
----------------------------------------------------------------------------
99195e3c36f8: bootloader ethernet: fix tracing
18da5c304219: Bootloader log: check for buffer overflow
We could overflow the in-memory log. The bounds check was there for BIOS
already but was missing in EFI and openfirmware. Could fix some crashes
when there is lots of loging.
[ PulkoMandy <pulkomandy@xxxxxxxxxxxxx> ]
----------------------------------------------------------------------------
3 files changed, 9 insertions(+), 4 deletions(-)
src/system/boot/loader/net/Ethernet.cpp | 5 +++--
src/system/boot/platform/efi/debug.cpp | 2 ++
src/system/boot/platform/openfirmware/debug.cpp | 6 ++++--
############################################################################
Commit: 99195e3c36f84379158431273a20c6fe46517188
URL: https://git.haiku-os.org/haiku/commit/?id=99195e3c36f8
Author: PulkoMandy <pulkomandy@xxxxxxxxxxxxx>
Date: Tue Mar 17 20:27:27 2020 UTC
bootloader ethernet: fix tracing
----------------------------------------------------------------------------
diff --git a/src/system/boot/loader/net/Ethernet.cpp
b/src/system/boot/loader/net/Ethernet.cpp
index e2724bc89e..a301bafb87 100644
--- a/src/system/boot/loader/net/Ethernet.cpp
+++ b/src/system/boot/loader/net/Ethernet.cpp
@@ -123,7 +123,8 @@ status_t
EthernetService::Send(const mac_addr_t &destination, uint16 protocol,
ChainBuffer *buffer)
{
- TRACE(("EthernetService::Send(to: %012llx, proto: 0x%hx, %lu bytes)\n",
+ TRACE(("EthernetService::Send(to: %012" B_PRIx64 ", proto: 0x%hx, %"
+ PRIu32 " bytes)\n",
destination.ToUInt64(), protocol, (buffer ? buffer->TotalSize()
: 0)));
if (!fInterface || !fSendBuffer)
@@ -199,7 +200,7 @@ EthernetService::ProcessIncomingPackets()
}
TRACE(("EthernetService::ProcessIncomingPackets(): received
ethernet "
- "frame: to: %012llx, proto: 0x%hx, %ld bytes\n",
+ "frame: to: %012" B_PRIx64 ", proto: 0x%hx, %"
B_PRIuSIZE " bytes\n",
header->destination.ToUInt64(), ntohs(header->type),
bytesReceived - (ssize_t)sizeof(ether_header)));
############################################################################
Revision: hrev53995
Commit: 18da5c304219abce11add74e2df0e3e05dc5d48b
URL: https://git.haiku-os.org/haiku/commit/?id=18da5c304219
Author: PulkoMandy <pulkomandy@xxxxxxxxxxxxx>
Date: Tue Mar 17 20:28:07 2020 UTC
Bootloader log: check for buffer overflow
We could overflow the in-memory log. The bounds check was there for BIOS
already but was missing in EFI and openfirmware. Could fix some crashes
when there is lots of loging.
----------------------------------------------------------------------------
diff --git a/src/system/boot/platform/efi/debug.cpp
b/src/system/boot/platform/efi/debug.cpp
index 9355c6a796..48724ad3ce 100644
--- a/src/system/boot/platform/efi/debug.cpp
+++ b/src/system/boot/platform/efi/debug.cpp
@@ -21,6 +21,8 @@ static uint32 sBufferPosition;
static void
syslog_write(const char* buffer, size_t length)
{
+ if (sBufferPosition + length > sizeof(sBuffer))
+ return;
memcpy(sBuffer + sBufferPosition, buffer, length);
sBufferPosition += length;
}
diff --git a/src/system/boot/platform/openfirmware/debug.cpp
b/src/system/boot/platform/openfirmware/debug.cpp
index 78eb3cf132..0758f30dfe 100644
--- a/src/system/boot/platform/openfirmware/debug.cpp
+++ b/src/system/boot/platform/openfirmware/debug.cpp
@@ -17,9 +17,11 @@ static char sBuffer[16384];
static uint32 sBufferPosition;
-static void
+static inline void
syslog_write(const char* buffer, size_t length)
{
+ if (sBufferPosition + length > sizeof(sBuffer))
+ return;
memcpy(sBuffer + sBufferPosition, buffer, length);
sBufferPosition += length;
}
@@ -41,7 +43,7 @@ panic(const char* format, ...)
}
-static void
+static inline void
dprintf_args(const char *format, va_list args)
{
char buffer[512];