From 7b5d546fdbf1d330ecc18d4c5b5d15db7cb5c783 Mon Sep 17 00:00:00 2001
From: "H. Peter Anvin"
Date: Mon, 1 Jun 2009 14:47:45 -0700
Subject: prepcore: error out if the compressed image is too large to load

Export, from each loader stage, the symbol MaxLMA which indicates to prepcore how big the image is allowed to be. Change prepcore to enforce this limit and to error out otherwise.

Signed-off-by: H. Peter Anvin
---
 core/common.inc | 4 ++++
 core/diskstart.inc | 2 +-
 core/isolinux.asm | 2 ++
 core/layout.inc | 15 ---------------
 core/prefix.inc | 17 +++++++++++++++++
 core/pxelinux.asm | 4 ++++
 lzo/prepcore.c | 8 ++++++++
 7 files changed, 36 insertions(+), 16 deletions(-)
 create mode 100644 core/prefix.inc
diff --git a/core/common.inc b/core/common.inc
index ad64c23c..80dbb4f9 100644
--- a/core/common.inc
+++ b/core/common.inc
@@ -18,3 +18,7 @@
 %include "strcpy.inc" ; strcpy()
 %include "idle.inc" ; Idle handling
 %include "adv.inc" ; Auxillary Data Vector
+
+; Note: the prefix section is included late, to avoid problems with some
+; versions of NASM that had issues with forward references to EQU symbols.
+%include "prefix.inc" ; Prefix section for prepcore
diff --git a/core/diskstart.inc b/core/diskstart.inc
index b713a1ea..b8047264 100644
--- a/core/diskstart.inc
+++ b/core/diskstart.inc
@@ -668,8 +668,8 @@ rl_checkpt_off equ ($-$$)
 ; Sector pointers
 alignz 4
- global MaxInitDataSize
 MaxInitDataSize equ 96 << 10
+MaxLMA equ 0x7c00+SECTOR_SIZE+MaxInitDataSize
 SectorPtrs times MaxInitDataSize >> SECTOR_SHIFT dd 0
 SectorPtrsEnd equ $
diff --git a/core/isolinux.asm b/core/isolinux.asm
index 37c14744..b2c9c986 100644
--- a/core/isolinux.asm
+++ b/core/isolinux.asm
@@ -431,6 +431,8 @@ found_file:
 ; address (7C00h) is *not* 2K-sector-aligned, the safest
 ; way to deal with this is to load into the xfer_buf_seg
 ; and then copy the data in place.
+MaxLMA equ xfer_buf_seg << 4
+
 mov bx,(7C00h+SECTOR_SIZE) >> 4
 mov bp,[ImageSectors]
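Review bot: The new `MaxLMA equ 0x7c00+SECTOR_SIZE+MaxInitDataSize` line in diskstart.inc hard-codes the boot-sector load address as `0x7c00`, while the isolinux.asm hunk on this same line spells it `7C00h` in its `mov bx,(7C00h+SECTOR_SIZE) >> 4` context; with each loader now defining MaxLMA by hand, a shared named constant for the load address (or at least a comment pointing at the sibling definitions) would keep the three from drifting apart. The line also carries no comment, and its meaning is only recoverable from the prepcore side of this commit; `; End address (not a size) the image may extend to; prepcore refuses to emit anything larger` would state the contract. Dropping `global MaxInitDataSize` is only safe if nothing outside diskstart.inc referenced the exported symbol, which this hunk cannot show.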
diff --git a/core/layout.inc b/core/layout.inc
index e2c7cbc5..fe292b14 100644
--- a/core/layout.inc
+++ b/core/layout.inc
@@ -134,18 +134,3 @@ pktbuf_seg equ cache_seg ; PXELINUX packet buffers
 %endif
 comboot_seg equ real_mode_seg ; COMBOOT image loading zone
-
- ;
- ; The prefix is a small structure that prefaces the actual code;
- ; it gives the compression program necessary information.
-
- section .prefix nowrite progbits align=16
-pfx_start dd _start ; Start of raw chunk
-pfx_compressed dd __pm_code_lma ; Start of compressed chunk
-pfx_cdatalen dd lzo_data_size ; Pointer to compressed size field
-%if IS_ISOLINUX
-pfx_checksum dd bi_length ; File length and checksum fields
-%else
-pfx_checksum dd 0 ; No checksum
-%endif
diff --git a/core/prefix.inc b/core/prefix.inc
new file mode 100644
index 00000000..9c8724b5
--- /dev/null
+++ b/core/prefix.inc
@@ -0,0 +1,17 @@
+;
+; The prefix is a small structure that prefaces the actual code;
+; it gives the compression program necessary information.
+;
+
+ section .prefix nowrite progbits align=16
+pfx_start dd _start ; Start of raw chunk
+pfx_compressed dd __pm_code_lma ; Start of compressed chunk
+pfx_cdatalen dd lzo_data_size ; Pointer to compressed size field
+%if IS_ISOLINUX
+pfx_checksum dd bi_length ; File length and checksum fields
+%else
+pfx_checksum dd 0 ; No checksum
+%endif
+pfx_maxlma dd MaxLMA ; Maximum size
+
+ section .text16
diff --git a/core/pxelinux.asm b/core/pxelinux.asm
index bb536a6c..b866369c 100644
--- a/core/pxelinux.asm
+++ b/core/pxelinux.asm
@@ -224,6 +224,10 @@ packet_buf_size equ $-packet_buf
 StackBuf equ $-44 ; Base of stack if we use our own
 StackTop equ StackBuf
+ ; PXE loads the whole file, but assume it can't be more
+ ; than (384-31)K in size.
+MaxLMA equ 384*1024
+
 ;
 ; Primary entry point.
 ;
diff --git a/lzo/prepcore.c b/lzo/prepcore.c
index cb6b483a..fc1b6c6f 100644
--- a/lzo/prepcore.c
+++ b/lzo/prepcore.c
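Review bot: The comment on the new prefix.inc line `pfx_maxlma dd MaxLMA ; Maximum size` is misleading: every MaxLMA this commit defines is an address (`0x7c00+SECTOR_SIZE+MaxInitDataSize`, `xfer_buf_seg << 4`, `384*1024`) and prepcore.c compares `offset+outfile_len` against the field, so it is the highest address the emitted image may reach, not a byte count. Suggest `; Highest address the image may extend to (an end LMA, not a size)`. prepcore.c reads this as the fifth `uint32_t` of `struct prefix`, so the member order here must match that struct; the `%if IS_ISOLINUX` / `%else` branches keep the offset stable only because both emit exactly one `dd`, and a one-line comment saying so would protect whoever appends the next field.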
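Review bot: In the pxelinux.asm hunk the added comment `; than (384-31)K in size.` and the value `MaxLMA equ 384*1024` read as contradictory on their own; they agree only if the reader knows MaxLMA is an end address and that the image sits at the 7C00h (31K) load address, which this hunk does not say (diskstart.inc's `0x7c00+...` definition in this commit suggests it). Suggest `; PXE loads the whole file; cap the end address at 384K, i.e. (384-31)K of image above the 7C00h load address.`. As the existing wording says, this is an assumption about what PXE will have loaded rather than something the loader verifies at run time, so prepcore's build-time comparison is the only enforcement of the limit.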
@@ -95,6 +95,7 @@ struct prefix {
 uint32_t pfx_compressed;
 uint32_t pfx_cdatalen;
 uint32_t pfx_checksum;
+ uint32_t pfx_maxlma;
 };
 static inline uint32_t get_32(const uint32_t * p)
@@ -317,6 +318,13 @@ int __lzo_cdecl_main main(int argc, char *argv[])
 set_32((uint32_t *) (infile + soff + 4), csum);
 }
+ if (offset+outfile_len > get_32(&prefix->pfx_maxlma)) {
+ printf("%s: output too big (%lu, max %lu)\n",
+ (unsigned long)offset+outfile_len,
+ (unsigned long)get_32(&prefix->pfx_maxlma));
+ exit(1);
+ }
+
 f = fopen(out_name, "wb");
 if (f == NULL) {
 printf("%s: cannot open output file %s\n", progname, out_name);
-- 
cgit v1.2.1
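Review bot: `uint32_t pfx_maxlma;` is added to `struct prefix` without a comment, and its meaning is only recoverable from the asm side of this commit. Suggest `uint32_t pfx_maxlma; /* highest address the output may extend to (end LMA, not a size); see MaxLMA in each loader */`. The field is read with `get_32()` as the fifth dword of the in-image prefix, so this struct and core/prefix.inc must keep the same member order; a one-line comment on the struct saying so would help the next person who extends it.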
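Review bot: The new `printf` in the second hunk passes an integer where the format's leading `%s` expects `progname`: the argument list is `(unsigned long)offset+outfile_len, (unsigned long)get_32(...)`, so `%s` dereferences the size as a pointer and the two `%lu` read past the supplied arguments — undefined behaviour that will most likely crash exactly when the limit is exceeded, instead of printing the diagnostic. The sibling `printf("%s: cannot open output file %s\n", progname, out_name);` in the same hunk shows the intended shape; the fix is `printf("%s: output too big (%lu, max %lu)\n", progname,` / `(unsigned long)(offset+outfile_len),` / `(unsigned long)get_32(&prefix->pfx_maxlma));`. The extra parentheses matter too: `(unsigned long)offset+outfile_len` casts only `offset`, and since the types of `offset` and `outfile_len` are declared outside the hunk, the comparison on the `if` line should be checked for wrap-around if either is narrower than the sum needs; `-Wformat` would have flagged the missing argument. `main` starts and ends outside this hunk.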