| author | Amlal El Mahrouss <amlal@nekernel.org> | 2025-06-22 21:34:16 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-06-22 21:34:16 +0200 |
| commit | 7c63269be0c40d8b6169d3cacf487ab370206f60 (patch) | |
| tree | 7ebc33386f084d4f2d1b6d5d9e08567d587c189c /dev | |
| parent | 59653f763a7e12b5b54b470a86e81c93729c909d (diff) | |
| parent | 4807aac83e758099bfae759701b3d5cab5fc3b8b (diff) | |
Merge pull request #51 from 0xf00sec/0xf00sec-patch-7
Patch: Buffer Overflows and OOB Reads in Core Memory APIs
Diffstat (limited to 'dev')
| -rw-r--r-- | dev/boot/src/BootSupport.cc | 48 |
1 files changed, 28 insertions, 20 deletions
diff --git a/dev/boot/src/BootSupport.cc b/dev/boot/src/BootSupport.cc
index ce824e0f..7cf7af95 100644
--- a/dev/boot/src/BootSupport.cc
+++ b/dev/boot/src/BootSupport.cc
@@ -18,11 +18,16 @@
 /// @param dst destination pointer.
 /// @param byte value to fill in.
 /// @param len length of of src.
-EXTERN_C VoidPtr memset(void* dst, int byte, long long unsigned int len) {
+EXTERN_C VoidPtr memset(void* dst, int byte, long long unsigned int len, long long unsigned int dst_size) {
+ if (!dst || len > dst_size) {
+ // For now, we return nullptr or an error status.
+ return nullptr;
+ }
+ unsigned char* p = (unsigned char*)dst;
+ unsigned char val = (unsigned char)byte;
 for (size_t i = 0UL; i < len; ++i) {
- ((int*) dst)[i] = byte;
+ p[i] = val;
 }
-
 return dst;
 }
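Review bot: Adding `dst_size` as a fourth parameter to the `EXTERN_C` `memset` changes the ABI of a symbol the compiler itself may call. GCC and Clang can lower aggregate initialisation and struct copies into three-argument `memset`/`memcpy` calls, which would reach this definition with `dst_size` holding whatever sits in the fourth argument slot, so the `len > dst_size` check would pass or fail arbitrarily. The same concern applies to `memcpy`, `strlen` and `strcmp` in the next hunk. On rejection the function returns `nullptr` without writing, so a caller that ignores the return value carries on with an unfilled buffer. I would keep the standard three-argument signature with the byte-wise loop, which is the real fix here, and move the bound check into a separately named helper. If the parameter stays, the doc comment needs a `/// @param dst_size` line.

```cpp
// Standard three-argument ABI kept so compiler-emitted calls stay valid.
EXTERN_C VoidPtr memset(void* dst, int byte, long long unsigned int len) {
  // … unchanged: byte-wise fill loop through `p` and `return dst` …
}

// Bounded variant for explicit callers. The name is a constructed
// suggestion, not an existing project identifier.
EXTERN_C VoidPtr memset_bounded(void* dst, int byte, long long unsigned int len,
                                long long unsigned int dst_size) {
  if (!dst || len > dst_size) {
    return nullptr;  // caller must check; nothing was written
  }
  return memset(dst, byte, len);
}
```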
@@ -30,36 +35,39 @@ EXTERN_C VoidPtr memset(void* dst, int byte, long long unsigned int len) {
 /// @param dst destination pointer.
 /// @param src source pointer.
 /// @param len length of of src.
-EXTERN_C VoidPtr memcpy(void* dst, const void* src, long long unsigned int len) {
+EXTERN_C VoidPtr memcpy(void* dst, const void* src, long long unsigned int len, long long unsigned int dst_size) {
+ if (!dst || !src || len > dst_size) {
+ // Similar to memset, this is a critical failure.
+ return nullptr;
+ }
+ unsigned char* d = (unsigned char*)dst;
+ const unsigned char* s = (const unsigned char*)src;
 for (size_t i = 0UL; i < len; ++i) {
- ((int*) dst)[i] = ((int*) src)[i];
+ d[i] = s[i];
 }
-
 return dst;
 }
 /// @brief strlen definition in C++.
-EXTERN_C size_t strlen(const char* whatToCheck) {
- SizeT len = 0;
-
- while (whatToCheck[len] != 0) {
+EXTERN_C size_t strlen(const char* whatToCheck, size_t max_len) {
+ size_t len = 0;
+ while (len < max_len && whatToCheck[len] != '\0') {
 ++len;
 }
-
 return len;
 }
 /// @brief strcmp definition in C++.
-EXTERN_C int strcmp(const char* whatToCheck, const char* whatToCheckRight) {
- SizeT len = 0;
-
- while (whatToCheck[len] == whatToCheckRight[len]) {
- if (whatToCheck[len] == 0) return 0;
-
- ++len;
+EXTERN_C int strcmp(const char* whatToCheck, const char* whatToCheckRight, size_t max_len) {
+ size_t i = 0;
+ while (i < max_len && whatToCheck[i] == whatToCheckRight[i]) {
+ if (whatToCheck[i] == '\0') return 0;
+ ++i;
 }
-
- return len;
+ if (i == max_len) {
+ return 0;
+ }
+ return (unsigned char)whatToCheck[i] - (unsigned char)whatToCheckRight[i];
 }
 /// @brief something specific to the Microsoft's ABI, When the stack grows too big.
|
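Review bot: In the new `strcmp`, `if (i == max_len) return 0;` reports equality as soon as the first `max_len` bytes match, so a caller passing a bound shorter than either string gets a prefix match instead of a full comparison. That matters wherever the result gates a decision on a name or path, so the contract should be stated on the function, for example `/// @note compares at most max_len bytes; returns 0 when no difference is found within that bound (strncmp semantics).` `strlen` likewise returns `max_len` for an unterminated buffer, which a caller cannot tell apart from a string of exactly that length. Unlike the `memset`/`memcpy` changes, neither string function checks its pointers before dereferencing; a guard such as `if (!whatToCheck) return 0;` at the top of `strlen` would make the four functions consistent.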
