Fix zealbooter memmap kernel header buffer-overflow.

Previously the zealbooter memmap e820 assignment loop used the entry count value passed via limine, without checking if it was over MEM_E820_ENTRIES_NUM, the #define constant value limit of entries that are stored in the kernel header's e820 region. This commit bumps up the constant entry count to 64 from 48, and also adds a small check in zealbooter to ensure that the entry count value used in the memmap loop caps off at the constant value.
2024-12-25 23:10:32 +00:00 · 2022-09-12 00:41:09 -04:00 · 2022-09-12 00:41:09 -04:00 · 8297c769e6
commit 8297c769e6
parent ad20a7a710
3 changed files with 19 additions and 8 deletions
--- a/src/Kernel/KernelA.HH
+++ b/src/Kernel/KernelA.HH
@ -427,7 +427,7 @@ class CSysLimitBase
 };

 #help_index "Memory/Info"
-#define MEM_E820_ENTRIES_NUM	48
+#define MEM_E820_ENTRIES_NUM	64
 #define MEM_E820t_USABLE		1
 #define MEM_E820t_RESERVED		2
 #define MEM_E820t_ACPI			3
--- a/zealbooter/trampoline.S
+++ b/zealbooter/trampoline.S
@ -5,9 +5,6 @@ trampoline:
    // Set new stack
    mov %rdx, %rsp

-//    hlt
-//    hlt
-
    // Load GDTR
    lgdt (%rcx)

--- a/zealbooter/zealbooter.c
+++ b/zealbooter/zealbooter.c
@ -44,7 +44,7 @@ struct CDate {
    int32_t date;
 } __attribute__((packed));

-#define MEM_E820_ENTRIES_NUM 48
+#define MEM_E820_ENTRIES_NUM 64

 #define MEM_E820T_USABLE 1
 #define MEM_E820T_RESERVED 2
@ -243,8 +243,22 @@ void _start(void) {

    kernel->mem_physical_space = 0;

+    size_t mem_count = 0;
+    if (memmap_request.response->entry_count > MEM_E820_ENTRIES_NUM)
+    {
+        mem_count = MEM_E820_ENTRIES_NUM;
+        // If limine hands us more regions than the constant, cap it off early instead of buffer overflowing into kernel headers.
+        // This won't guarantee we'll get lucky with framebuffer placement passed via limine.
+        // If the mem_count gets capped at the constant, the system should still boot fully (drive activity lights, reading compiler and code from disc, etc),
+        // just possibly with no visible framebuffer.  :^)
+    }
+    else
+    {
+        mem_count = memmap_request.response->entry_count;
+    }
+
    printf("memory map:\n");
-    for (size_t i = 0; i < memmap_request.response->entry_count; i++) {
+    for (size_t i = 0; i < mem_count; i++) {
        struct limine_memmap_entry *entry = memmap_request.response->entries[i];
        int our_type;

@ -293,7 +307,7 @@ void _start(void) {
    }
    printf("\n");

-    kernel->mem_E820[memmap_request.response->entry_count].type = 0;
+    kernel->mem_E820[mem_count].type = 0;

    kernel->mem_physical_space = align_up_u64(kernel->mem_physical_space, 0x200000);