Ticket #8650: user_strlcpy.patch
File user_strlcpy.patch, 4.8 KB (added by , 12 years ago) |
src/system/kernel/arch/x86/arch_cpu.cpp
diff --git a/src/system/kernel/arch/x86/arch_cpu.cpp b/src/system/kernel/arch/x86/arch_cpu.cpp index 5ebb194..8d44375 100644
a b 4 4 * 5 5 * Copyright 2001-2002, Travis Geiselbrecht. All rights reserved. 6 6 * Distributed under the terms of the NewOS License. 7 * 7 8 */ 8 9 9 10 … … arch_cpu_invalidate_TLB_list(addr_t pages[], int num_pages) 988 989 } 989 990 990 991 991 ssize_t992 arch_cpu_user_strlcpy(char *to, const char *from, size_t size,993 addr_t *faultHandler)994 {995 int fromLength = 0;996 addr_t oldFaultHandler = *faultHandler;997 998 // this check is to trick the gcc4 compiler and have it keep the error label999 if (to == NULL && size > 0)1000 goto error;1001 1002 *faultHandler = (addr_t)&&error;1003 1004 if (size > 0) {1005 to[--size] = '\0';1006 // copy1007 for ( ; size; size--, fromLength++, to++, from++) {1008 if ((*to = *from) == '\0')1009 break;1010 }1011 }1012 // count any leftover from chars1013 while (*from++ != '\0') {1014 fromLength++;1015 }1016 1017 *faultHandler = oldFaultHandler;1018 return fromLength;1019 1020 error:1021 *faultHandler = oldFaultHandler;1022 return B_BAD_ADDRESS;1023 }1024 1025 1026 status_t1027 arch_cpu_user_memset(void *s, char c, size_t count, addr_t *faultHandler)1028 {1029 char *xs = (char *)s;1030 addr_t oldFaultHandler = *faultHandler;1031 1032 // this check is to trick the gcc4 compiler and have it keep the error label1033 if (s == NULL)1034 goto error;1035 1036 *faultHandler = (addr_t)&&error;1037 1038 while (count--)1039 *xs++ = c;1040 1041 *faultHandler = oldFaultHandler;1042 return 0;1043 1044 error:1045 *faultHandler = oldFaultHandler;1046 return B_BAD_ADDRESS;1047 }1048 1049 1050 992 status_t 1051 993 arch_cpu_shutdown(bool rebootSystem) 1052 994 { -
src/system/kernel/arch/x86/arch_x86.S
diff --git a/src/system/kernel/arch/x86/arch_x86.S b/src/system/kernel/arch/x86/arch_x86.S index 28611fe..7b26a2a 100644
a b 1 1 /* 2 2 * Copyright 2003-2007, Axel Dörfler, axeld@pinc-software.de. 3 * Copyright 2012, Rene Gollent, rene@gollent.com. 3 4 * Distributed under the terms of the MIT License. 4 5 * 5 6 * Copyright 2001, Travis Geiselbrecht. All rights reserved. … … FUNCTION(arch_cpu_user_memcpy): 219 220 FUNCTION_END(arch_cpu_user_memcpy) 220 221 221 222 223 /* status_t arch_cpu_user_memset(void *to, char c, size_t count, addr_t *faultHandler) */ 224 FUNCTION(arch_cpu_user_memset): 225 pushl %esi 226 pushl %edi 227 movl 12(%esp),%edi /* dest */ 228 movb 16(%esp),%al /* c */ 229 movl 20(%esp),%ecx /* count */ 230 231 /* set the fault handler */ 232 movl 24(%esp),%edx /* fault handler */ 233 movl (%edx),%esi 234 movl $.L_user_memset_error, (%edx) 235 236 rep 237 stosb 238 239 /* restore the old fault handler */ 240 movl %esi,(%edx) 241 xor %eax,%eax 242 243 popl %edi 244 popl %esi 245 ret 246 247 /* error condition */ 248 .L_user_memset_error: 249 /* restore the old fault handler */ 250 movl %esi,(%edx) 251 movl $-1,%eax /* return a generic error, the wrapper routine will deal with it */ 252 popl %edi 253 popl %esi 254 ret 255 FUNCTION_END(arch_cpu_user_memset) 256 257 258 /* ssize_t arch_cpu_user_strlcpy(void *to, const void *from, size_t size, addr_t *faultHandler) */ 259 FUNCTION(arch_cpu_user_strlcpy): 260 pushl %esi 261 pushl %edi 262 pushl %ebx 263 movl 16(%esp),%edi /* dest */ 264 movl 20(%esp),%esi /* source */ 265 movl 24(%esp),%ecx /* count */ 266 267 /* set the fault handler */ 268 movl 28(%esp),%edx /* fault handler */ 269 movl (%edx),%eax 270 movl $.L_user_strlcpy_error, (%edx) 271 272 movb $0, -1(%edi, %ecx) /* null-terminate dest */ 273 274 /* move data by bytes */ 275 cld 276 repnz 277 movsb 278 279 280 movl $0, %ebx 281 282 /* count remaining bytes in src */ 283 .L_user_strlcpy_source_count: 284 cmpb $0, (%esi) 285 je .L_user_strlcpy_source_done 286 inc %ebx 287 inc %esi 288 jmp .L_user_strlcpy_source_count 289 290 .L_user_strlcpy_source_done: 291 292 /* 
restore the old fault handler */ 293 movl %eax,(%edx) 294 movl %ebx, %eax 295 296 popl %ebx 297 popl %edi 298 popl %esi 299 ret 300 301 /* error condition */ 302 .L_user_strlcpy_error: 303 /* restore the old fault handler */ 304 movl %eax,(%edx) 305 movl $-1,%eax /* return a generic error, the wrapper routine will deal with it */ 306 popl %ebx 307 popl %edi 308 popl %esi 309 ret 310 FUNCTION_END(arch_cpu_user_strlcpy) 311 312 222 313 /*! \fn void arch_debug_call_with_fault_handler(cpu_ent* cpu, 223 314 jmp_buf jumpBuffer, void (*function)(void*), void* parameter) 224 315 -
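Review bot: In arch_cpu_user_strlcpy, `repnz movsb` does not stop at the source's NUL, because MOVS sets no flags and the prefix in practice acts as a plain repeat, so all `size` bytes are copied. That overwrites the terminator stored just before at `-1(%edi, %ecx)` and reads the source past its end; with `size == 0` the terminator store itself lands one byte before `to`, unless a caller outside this section rejects that case. The value returned in %ebx counts only the bytes that follow the copied region rather than the whole source length, so a caller's truncation check against the result cannot be relied on. A byte loop that reserves the last slot for the terminator and derives the length from %esi would cover all three, as in the untested sketch below. Separately, arch_cpu_user_memset runs `rep stosb` without the `cld` that this routine issues.

```asm
	/* … unchanged: register saves, argument loads, fault handler setup … */

	testl	%ecx,%ecx
	jz	.L_user_strlcpy_source_count	/* size == 0: write nothing, only measure */
	decl	%ecx				/* keep the last byte for the terminator */
	jz	.L_user_strlcpy_terminate

.L_user_strlcpy_copy:
	movb	(%esi),%bl			/* read each source byte once */
	testb	%bl,%bl
	jz	.L_user_strlcpy_terminate
	movb	%bl,(%edi)
	incl	%esi
	incl	%edi
	decl	%ecx
	jnz	.L_user_strlcpy_copy

.L_user_strlcpy_terminate:
	movb	$0,(%edi)

	/* count remaining bytes in src */
.L_user_strlcpy_source_count:
	cmpb	$0,(%esi)
	je	.L_user_strlcpy_source_done
	incl	%esi
	jmp	.L_user_strlcpy_source_count

.L_user_strlcpy_source_done:
	/* restore the old fault handler */
	movl	%eax,(%edx)
	movl	%esi,%eax
	subl	20(%esp),%eax			/* full source length = end - start */

	/* … unchanged: register restores, ret, error path … */
```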
src/system/kernel/vm/vm.cpp
diff --git a/src/system/kernel/vm/vm.cpp b/src/system/kernel/vm/vm.cpp index 857bf22..dd23d97 100644
a b user_strlcpy(char* to, const char* from, size_t size) 5103 5103 ssize_t result = arch_cpu_user_strlcpy(to, from, maxSize, 5104 5104 &thread_get_current_thread()->fault_handler); 5105 5105 5106 // If we hit the address overflow boundary, fail.5107 if (result >= 0 && (size_t)result >= maxSize && maxSize < size)5106 if (result < 0 || result >= 0 5107 && (size_t)result >= maxSize && maxSize < size) { 5108 5108 return B_BAD_ADDRESS; 5109 } 5109 5110 5110 5111 return result; 5111 5112 }
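Review bot: The new condition in user_strlcpy mixes `||` and `&&` without parentheses and keeps a `result >= 0` test that is redundant once `result < 0` has been ruled out, so the grouping is hard to read. I would write it as `if (result < 0 || ((size_t)result >= maxSize && maxSize < size)) {`. The change also drops the comment that explained the second clause; a line such as `// Fail on a fault, or if we hit the address overflow boundary.` would keep that intent visible. The function begins above the lines shown here, so how `maxSize` is derived is not visible in this section.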