summaryrefslogtreecommitdiff
path: root/payloads
diff options
context:
space:
mode:
authorKyösti Mälkki <kyosti.malkki@gmail.com>2018-05-19 08:58:01 +0300
committerKyösti Mälkki <kyosti.malkki@gmail.com>2018-05-21 04:48:28 +0000
commit185202c469977ab3c9b55cec7998f7746d518da1 (patch)
tree21ab94201cfbd629726fd37330a910d389da583f /payloads
parent0b71cf164b8fa999783e60fdf2bd0a73b13e707f (diff)
downloadcoreboot-185202c469977ab3c9b55cec7998f7746d518da1.tar.xz
libpayload: Fix payload .bss corruption
Third call to newwin() corrupted payload context. Fix array indexing and check for boundary. Sample payload coreinfo was affected, loader_eax variable got corrupted on my particular build. Change-Id: Iee98901cf57f0689f65ac43aa7e60e8aea092500 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/26394 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nico Huber <nico.h@gmx.de>
Diffstat (limited to 'payloads')
-rw-r--r--payloads/libpayload/curses/tinycurses.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/payloads/libpayload/curses/tinycurses.c b/payloads/libpayload/curses/tinycurses.c
index 6f3f8b8d82..789accb475 100644
--- a/payloads/libpayload/curses/tinycurses.c
+++ b/payloads/libpayload/curses/tinycurses.c
@@ -65,7 +65,7 @@
/* Statically allocate all structures (no malloc())! */
static WINDOW window_list[MAX_WINDOWS];
-static int window_count = 1;
+static int window_count = 0;
// struct ldat foo;
static struct ldat ldat_list[MAX_WINDOWS][SCREEN_Y];
@@ -386,12 +386,17 @@ int mvwprintw(WINDOW *win, int y, int x, const char *fmt, ...)
// SCREEN *newterm (NCURSES_CONST char *,FILE *,FILE *) {}
WINDOW *newwin(int num_lines, int num_columns, int begy, int begx)
{
+ WINDOW *win;
int i;
/* Use next statically allocated window. */
- // TODO: Error handling.
+ // TODO: Error handling. Yes. Please.
// TODO: WINDOWLIST?
- WINDOW *win = &window_list[window_count++];
+
+ if (window_count >= MAX_WINDOWS)
+ return NULL;
+
+ win = &window_list[window_count++];
// bool is_pad = (flags & _ISPAD);