Date: Sun, 20 Jan 2008 15:22:38 +0100
From: Robert Millan
To: grub-devel@gnu.org
Subject: [PATCH] safety check in claim_heap()
Message-ID: <20080120142238.GA11485@thorin>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="lrZ03NoBR/3+SXJZ"

--lrZ03NoBR/3+SXJZ
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline

Hi!

What do you think of adding this kind of check? I know it's not a perfect
safeguard, but it can save your day in some situations (it helped me during
the i386/ieee1275 port, when the link address was 0x100000).

--
Robert Millan

I know my rights; I want my phone call!
What use is a phone call… if you are unable to speak?
(as seen on /.)

--lrZ03NoBR/3+SXJZ
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="claim_safety.diff"

--- ../../grub2/kern/powerpc/ieee1275/init.c 2008-01-14 15:30:59.000000000 +0100 +++ kern/powerpc/ieee1275/init.c 2008-01-20 15:20:23.000000000 +0100
@@ -143,6 +143,17 @@ (total + (HEAP_MAX_ADDR - addr) > HEAP_MIN_SIZE)) /* only limit ourselves when we can afford to */ len = HEAP_MAX_ADDR - addr; + /* In theory, firmware should already prevent this from happening by not + listing our own image in /memory/available. The check below is intended + as a safegard in case that doesn't happen. It does, however, not protect + us from corrupting our module area, which extends up to a + yet-undetermined region above _end. */ + if ((addr < _end) && ((addr + len) > _start)) + { + grub_printf ("Warning: attempt to claim over our own code!\n"); + len = 0; + } + if (len) { /* Claim and use it. */ --lrZ03NoBR/3+SXJZ--
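Review bot: In the new overlap branch, `len = 0;` discards the entire region as soon as any part of it touches the image, so a large available range that merely contains `_start`..`_end` contributes nothing to the heap. Consider trimming instead: when `addr < _start`, the part below `_start` can still be claimed by shrinking `len` to end at `_start`. The part above `_end` should stay excluded, since the comment itself says the module area extends above `_end`. The condition `(addr < _end) && ((addr + len) > _start)` also compares `addr` directly against the two linker symbols. Their declarations are outside this hunk, but if they are arrays or pointers, each needs a cast to the integer type of `addr` to avoid a pointer/integer comparison. Since the comment admits the module area is still unprotected, a FIXME there would keep that gap visible. Spelling in the comment: "safegard" should be "safeguard".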