git: kernel - Fix buffer overflow in legacy (non EFI) boot loader
Matthew Dillon
dillon at crater.dragonflybsd.org
Fri Oct 30 11:30:34 PDT 2020
commit 56254923026387d8dba5d269d426e6b6b3ad282d
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Fri Oct 30 11:25:23 2020 -0700

    kernel - Fix buffer overflow in legacy (non EFI) boot loader

    * Fix a buffer overflow primarily in bd_read(). The code contains
      a work-around for segment boundary crossings that very old BIOSes
      would sometimes blow up on, but was improperly calculating the
      bounce-buffer I/O limit to be the full bounce-buffer size
      instead of 1/2 the bounce buffer size.

      Thus if the bounce buffer's base address happened to be certain
      values, large I/O requests would overflow the buffer.

    * Make sure the bounce-buffer is 16-byte aligned, again for old
      BIOSes.

    Reported-by: zrj
    Debugging-by: dillon, zrj, Naabed-

Summary of changes:
sys/boot/pc32/libi386/biosdisk.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/56254923026387d8dba5d269d426e6b6b3ad282d
--
DragonFly BSD source repository
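
The following is an added illustration, not code from biosdisk.c or from the commit. It models the failure the commit message describes: a bounce buffer from which only the half that avoids a 64 KiB boundary is used, with the I/O limit set to either the full size or half. SECSIZE, BOUNCE_SIZE, the function names, the half-selection rule and the base addresses are all assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

#define SECSIZE     512u                 /* assumed sector size */
#define BOUNCE_SIZE (32u * SECSIZE)      /* assumed total bounce-buffer size */
#define HALF        (BOUNCE_SIZE / 2u)   /* the part that is safe to use */

/* Nonzero if [addr, addr+len) straddles a 64 KiB physical boundary. */
static int crosses_64k(uint32_t addr, uint32_t len)
{
    return (addr >> 16) != ((addr + len - 1u) >> 16);
}

/* Offset (from the buffer base) of the half that avoids the boundary. */
static uint32_t window_offset(uint32_t base)
{
    return crosses_64k(base, HALF) ? HALF : 0u;
}

/* Bytes written past the end of the buffer when a request of `want`
 * bytes is clamped to `limit` and transferred into the chosen half. */
static uint32_t overflow_bytes(uint32_t base, uint32_t want, uint32_t limit)
{
    uint32_t xfer = want < limit ? want : limit;
    uint32_t end  = window_offset(base) + xfer;
    return end > BOUNCE_SIZE ? end - BOUNCE_SIZE : 0u;
}

int main(void)
{
    /* Constructed base addresses: the second one puts a 64 KiB
     * boundary inside the first half, so the second half is used. */
    uint32_t bases[] = { 0x00020000u, 0x0002f000u };
    for (unsigned i = 0; i < 2; i++) {
        uint32_t b = bases[i];
        printf("base=0x%08x window=+%u overflow(full limit)=%u overflow(half limit)=%u\n",
               (unsigned)b, (unsigned)window_offset(b),
               (unsigned)overflow_bytes(b, 1u << 20, BOUNCE_SIZE),
               (unsigned)overflow_bytes(b, 1u << 20, HALF));
    }
    return 0;
}
```

With the limit set to the full buffer size, the overrun only appears for base addresses that force the second half to be used, which is why the bug depended on where the buffer happened to land.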