user_strlcpy.patch on Ticket #8650 – Attachment – Haiku

src/system/kernel/arch/x86/arch_cpu.cpp

diff --git a/src/system/kernel/arch/x86/arch_cpu.cpp b/src/system/kernel/arch/x86/arch_cpu.cpp
index 5ebb194..8d44375 100644

-              a
+ *
  * Copyright 2001-2002, Travis Geiselbrecht. All rights reserved.
  * Distributed under the terms of the NewOS License.
+ *
  */
-…
+               arch_cpu_invalidate_TLB_list(addr_t pages[], int num_pages)
+}
-ssize_t
-arch_cpu_user_strlcpy(char *to, const char *from, size_t size,
-    addr_t *faultHandler)
+{
-    int fromLength = 0;
-    addr_t oldFaultHandler = *faultHandler;
-    // this check is to trick the gcc4 compiler and have it keep the error label
-    if (to == NULL && size > 0)
-        goto error;
-    *faultHandler = (addr_t)&&error;
-    if (size > 0) {
-        to[--size] = '\0';
-        // copy
-        for ( ; size; size--, fromLength++, to++, from++) {
-            if ((*to = *from) == '\0')
-                break;
+        }
+    }
-    // count any leftover from chars
-    while (*from++ != '\0') {
-        fromLength++;
+    }
-    *faultHandler = oldFaultHandler;
-    return fromLength;
-error:
-    *faultHandler = oldFaultHandler;
-    return B_BAD_ADDRESS;
+}
-status_t
-arch_cpu_user_memset(void *s, char c, size_t count, addr_t *faultHandler)
+{
-    char *xs = (char *)s;
-    addr_t oldFaultHandler = *faultHandler;
-    // this check is to trick the gcc4 compiler and have it keep the error label
-    if (s == NULL)
-        goto error;
-    *faultHandler = (addr_t)&&error;
-    while (count--)
-        *xs++ = c;
-    *faultHandler = oldFaultHandler;
-    return 0;
-error:
-    *faultHandler = oldFaultHandler;
-    return B_BAD_ADDRESS;
+}
 status_t
 arch_cpu_shutdown(bool rebootSystem)
+{

src/system/kernel/arch/x86/arch_x86.S

diff --git a/src/system/kernel/arch/x86/arch_x86.S b/src/system/kernel/arch/x86/arch_x86.S
index 28611fe..7b26a2a 100644

-              a
 /*
  * Copyright 2003-2007, Axel Dörfler, axeld@pinc-software.de.
+ * Copyright 2012, Rene Gollent, rene@gollent.com.
  * Distributed under the terms of the MIT License.
+ *
  * Copyright 2001, Travis Geiselbrecht. All rights reserved.
-…
+               FUNCTION(arch_cpu_user_memcpy):
 FUNCTION_END(arch_cpu_user_memcpy)
+/* status_t arch_cpu_user_memset(void *to, char c, size_t count, addr_t *faultHandler) */
+FUNCTION(arch_cpu_user_memset):
+    pushl   %esi
+    pushl   %edi
+    movl    12(%esp),%edi   /* dest */
+    movb    16(%esp),%al    /* c */
+    movl    20(%esp),%ecx   /* count */
+    /* set the fault handler */
+    movl    24(%esp),%edx   /* fault handler */
+    movl    (%edx),%esi
+    movl    $.L_user_memset_error, (%edx)
+    rep
+    stosb
+    /* restore the old fault handler */
+    movl    %esi,(%edx)
+    xor     %eax,%eax
+    popl    %edi
+    popl    %esi
+    ret
+    /* error condition */
+.L_user_memset_error:
+    /* restore the old fault handler */
+    movl    %esi,(%edx)
+    movl    $-1,%eax    /* return a generic error, the wrapper routine will deal with it */
+    popl    %edi
+    popl    %esi
+    ret
+FUNCTION_END(arch_cpu_user_memset)
+/* ssize_t arch_cpu_user_strlcpy(void *to, const void *from, size_t size, addr_t *faultHandler) */
+FUNCTION(arch_cpu_user_strlcpy):
+    pushl   %esi
+    pushl   %edi
+    pushl   %ebx
+    movl    16(%esp),%edi   /* dest */
+    movl    20(%esp),%esi   /* source */
+    movl    24(%esp),%ecx   /* count */
+    /* set the fault handler */
+    movl    28(%esp),%edx   /* fault handler */
+    movl    (%edx),%eax
+    movl    $.L_user_strlcpy_error, (%edx)
+    movb    $0, -1(%edi, %ecx) /* null-terminate dest */
+    /* move data by bytes */
+    cld
+    repnz
+    movsb
+    movl    $0, %ebx
+    /* count remaining bytes in src */
+.L_user_strlcpy_source_count:
+    cmpb    $0, (%esi)
+    je      .L_user_strlcpy_source_done
+    inc     %ebx
+    inc     %esi
+    jmp     .L_user_strlcpy_source_count
+.L_user_strlcpy_source_done:
+    /* restore the old fault handler */
+    movl    %eax,(%edx)
+    movl    %ebx, %eax
+    popl    %ebx
+    popl    %edi
+    popl    %esi
+    ret
+    /* error condition */
+.L_user_strlcpy_error:
+    /* restore the old fault handler */
+    movl    %eax,(%edx)
+    movl    $-1,%eax    /* return a generic error, the wrapper routine will deal with it */
+    popl    %ebx
+    popl    %edi
+    popl    %esi
+    ret
+FUNCTION_END(arch_cpu_user_strlcpy)
 /*! \fn void arch_debug_call_with_fault_handler(cpu_ent* cpu,
         jmp_buf jumpBuffer, void (*function)(void*), void* parameter)

src/system/kernel/vm/vm.cpp

diff --git a/src/system/kernel/vm/vm.cpp b/src/system/kernel/vm/vm.cpp
index 857bf22..dd23d97 100644

                user_strlcpy(char* to, const char* from, size_t size)
     ssize_t result = arch_cpu_user_strlcpy(to, from, maxSize,
         &thread_get_current_thread()->fault_handler);
     // If we hit the address overflow boundary, fail.
     if (result >= 0 && (size_t)result >= maxSize && maxSize < size)
+    if (result < 0 || result >= 0
+        && (size_t)result >= maxSize && maxSize < size) {
         return B_BAD_ADDRESS;
+    }
     return result;
+}

Context Navigation

Ticket #8650: user_strlcpy.patch

src/system/kernel/arch/x86/arch_cpu.cpp

src/system/kernel/arch/x86/arch_x86.S

src/system/kernel/vm/vm.cpp

Download in other formats: