Chameleon

Chameleon Commit Details

Date:2012-11-06 16:44:02 (6 years 8 months ago)
Author:armel cadet-petit
Commit:2115
Parents: 2114
Message:security fixes, fixed acpicodec
Changes:
M/branches/cparm/i386/libsaio/stringTable.c
M/branches/cparm/i386/libsaio/convert.c
M/branches/cparm/i386/libsaio/xml.c
M/branches/cparm/i386/libsaio/uthash.h
M/branches/cparm/i386/libsaio/saio_types.h
M/branches/cparm/i386/libsaio/convert.h
M/branches/cparm/i386/boot2/boot.c
M/branches/cparm/i386/libsa/libsa.h
M/branches/cparm/i386/libsaio/fake_efi.c
M/branches/cparm/i386/modules/ACPICodec/acpi_codec.c
M/branches/cparm/i386/libsa/printf.c
M/branches/cparm/i386/libsaio/disk.c
M/branches/cparm/CHANGES
M/branches/cparm/i386/libsa/zalloc.c
M/branches/cparm/i386/libsaio/smbios.c

File differences

branches/cparm/CHANGES
11
2
3
4
5
26
37
48
- Security fixes
- Fixed few bugs in AcpiCodec
- Fixes some bugs related to the auto-installer
- Security fixes
- Using of optimized version for bcopy, bzero, strcmp, strcpy, strncpy, strlcat, strlcpy, strlen, strncmp, memset and memcmp
- Replaced strcmp (deprecated and unsecure) by strncmp as far as possible
- Decided to keep ld_classic to keep the compatibility with the apple's compiler from snow leopard (xcode 3.x) to Mountain lion (xcode 4.5) (in fact this has not changed since the last commit ;-) )
branches/cparm/i386/libsaio/xml.c
253253
254254
255255
256
256
257257
258258
259259
......
544544
545545
546546
547
547548
548549
549550
......
911912
912913
913914
914
915
915916
916917
917918
XMLParseFile( char * buffer, TagPtr * dict )
{
long length, pos;
TagPtr tag;
TagPtr tag = 0;
pos = 0;
char *configBuffer;
TagPtr tagList, tmpTag;
tagList = 0;
tmpTag = 0;
pos = 0;
if (!empty)
NewTag( void )
{
long cnt;
TagPtr tag;
TagPtr tag = 0;
if (gTagsFree == 0)
{
branches/cparm/i386/libsaio/disk.c
5555
5656
5757
58
5859
5960
6061
......
202203
203204
204205
206
205207
206208
207209
......
15841586
15851587
15861588
1589
1590
1591
1592
1593
1594
1595
1596
15871597
15881598
15891599
......
15981608
15991609
16001610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
16011650
16021651
16031652
1604
1653
16051654
16061655
16071656
16081657
1609
1658
16101659
16111660
16121661
......
16141663
16151664
16161665
1617
1666
16181667
16191668
16201669
16211670
16221671
16231672
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
16351689
1636
16371690
16381691
16391692
......
16421695
16431696
16441697
1645
1698
16461699
16471700
16481701
#include "bootstruct.h"
#include "platform.h"
#include "sl.h"
#include "convert.h"
#include "fdisk.h"
#ifdef UFS_SUPPORT
static bool getOSVersion(BVRef bvr, char *str);
static bool CheckDarwin(BVRef bvr);
static bool getOSInstallVersion(const char *dirSpec, char *str, config_file_t *systemVersion);
static bool getOSInstallURL(BVRef bvr, const char *dirSpec, config_file_t *config_file);
//==========================================================================
XMLGetElementWithID(pkg_p,
"com.apple.mpkg.OSInstall"),
(const char*)"Version"));
if (!version)
{
version = XMLCastString(XMLGetProperty(
XMLGetElementWithID(pkg_p,
"com.apple.pkg.CompatibilityUpdate"),
(const char*)"Version"));
}
if (version && strlen(version) >= 4)
{
return false;
}
static bool getOSInstallURL(BVRef bvr, const char *dirSpec, config_file_t *config_file)
{
if (!loadConfigFile(dirSpec, config_file))
{
char *encoded_url = XMLCastString(XMLGetProperty(config_file->dictionary, (const char*)"Product URL"));
if (!encoded_url) {
goto out;
}
DBG("encoded_url %s\n",encoded_url);
//char * dev_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"; // strlen = 36
//char * osx_product = "x-osproduct://";// strlen = 14
char * val = &encoded_url[(36+14)+1];
DBG("val %s\n",val);
char * buffer = newStringFromURL(val);
if (!buffer)
{
goto out;
}
DBG("buffer %s\n",buffer);
strlcpy(bvr->OSInstall, buffer, sizeof(bvr->OSInstall));
free(buffer);
return true;
}
out:
return false;
}
static bool getOSVersion(BVRef bvr, char *str)
{
bool valid = false;
config_file_t systemVersion;
config_file_t config_file;
char dirSpec[512];
snprintf(dirSpec, sizeof(dirSpec),"hd(%d,%d)/System/Library/CoreServices/SystemVersion.plist", BIOS_DEV_UNIT(bvr), bvr->part_no);
if (!loadConfigFile(dirSpec, &systemVersion))
if (!loadConfigFile(dirSpec, &config_file))
{
valid = true;
}
{
snprintf(dirSpec, sizeof(dirSpec),"hd(%d,%d)/System/Library/CoreServices/ServerVersion.plist", BIOS_DEV_UNIT(bvr), bvr->part_no);
if (!loadConfigFile(dirSpec, &systemVersion))
if (!loadConfigFile(dirSpec, &config_file))
{
bvr->OSisServer = true;
valid = true;
}
else
{
snprintf(dirSpec, sizeof(dirSpec),"hd(%d,%d)/OS X Install Data/index.sproduct", BIOS_DEV_UNIT(bvr), bvr->part_no); // 10.8
if (!getOSInstallVersion(dirSpec, str, &systemVersion))
{
snprintf(dirSpec, sizeof(dirSpec),"hd(%d,%d)/Mac OS X Install Data/index.sproduct", BIOS_DEV_UNIT(bvr), bvr->part_no); // 10.7
if (!getOSInstallVersion(dirSpec, str, &systemVersion))
return false;
else
return true;
snprintf(dirSpec, sizeof(dirSpec),"hd(%d,%d)/.IAProductInfo", BIOS_DEV_UNIT(bvr), bvr->part_no);
DBG("dirSpec %s\n",dirSpec);
if (!loadConfigFile(dirSpec, &config_file))
{
if (getOSInstallURL(bvr, dirSpec, &config_file))
{
snprintf(dirSpec, sizeof(dirSpec),"hd(%d,%d)/%s/index.sproduct", BIOS_DEV_UNIT(bvr), bvr->part_no, bvr->OSInstall);
DBG("dirSpec %s\n",dirSpec);
if (!getOSInstallVersion(dirSpec, str, &config_file))
return false;
else
return true;
}
}
else return true;
}
}
const char *val;
int len;
if (getValueForKey(kProductVersion, &val, &len, &systemVersion))
if (getValueForKey(kProductVersion, &val, &len, &config_file))
{
// getValueForKey uses const char for val
// so copy it and trim
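Review bot: In getOSInstallURL, `char * val = &encoded_url[(36+14)+1];` skips a fixed 51-byte prefix without checking that the "Product URL" string loaded from the volume's .IAProductInfo is that long. A shorter value leaves `val` pointing past the end of the string, and the following DBG and newStringFromURL calls then read out of bounds. A guard before the indexing closes this, for example `if (strlen(encoded_url) <= (36+14)+1) goto out;`. The decoded name is then copied with strlcpy into the 30-byte bvr->OSInstall, where truncation is silent and the truncated name is used to build the index.sproduct path, so it is safer to reject a name that does not fit than to probe a different directory. getOSVersion also calls loadConfigFile on the same .IAProductInfo path just before getOSInstallURL loads it again, which looks redundant.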
branches/cparm/i386/libsaio/smbios.c
5959
6060
6161
62
63
6462
6563
6664
#define SMBIOS_GETLEN(base) SMBIOS_GET8(base, 0x01)
#define SMBIOS_GETSTR(base) ((base) + SMBIOS_GETLEN(base))
typedef char* caddr_t;
static uint8_t
smbios_checksum(const caddr_t addr, const uint8_t len)
{
branches/cparm/i386/libsaio/uthash.h
639639
640640
641641
642
643
642
643
644
645
644646
645647
646648
unsigned _he_bkt_i; \
struct UT_hash_handle *_he_thh, *_he_hh_nxt; \
UT_hash_bucket *_he_new_buckets, *_he_newbkt; \
_he_new_buckets = (UT_hash_bucket*)uthash_malloc( \
2 * tbl->num_buckets * sizeof(struct UT_hash_bucket)); \
unsigned long _he_bkt_size = 2 * tbl->num_buckets \
* sizeof(struct UT_hash_bucket); \
if (!(_he_bkt_size > 0)) { uthash_fatal( "unknown error"); } \
_he_new_buckets = (UT_hash_bucket*)uthash_malloc(_he_bkt_size); \
if (!_he_new_buckets) { uthash_fatal( "out of memory"); } \
memset(_he_new_buckets, 0, \
2 * tbl->num_buckets * sizeof(struct UT_hash_bucket)); \
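Review bot: The new guard `if (!(_he_bkt_size > 0))` rejects only a zero size, so if `2 * tbl->num_buckets * sizeof(struct UT_hash_bucket)` wraps to a small non-zero value, the undersized allocation is still accepted and the bucket table is later used at its full logical size. Checking the operand before multiplying catches that case, e.g. `if (tbl->num_buckets > ((unsigned long)-1 / sizeof(struct UT_hash_bucket)) / 2) { uthash_fatal("bucket count overflow"); }` (with the macro's trailing backslash). The memset below still recomputes the product instead of reusing the checked value; `memset(_he_new_buckets, 0, _he_bkt_size);` would keep the allocation and the clear in agreement. The enclosing macro begins and ends outside this section.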
branches/cparm/i386/libsaio/stringTable.c
600600
601601
602602
603
603
604604
605605
606606
......
766766
767767
768768
769
770
771
772
773
774
775
769
776770
777771
772
773
774
775
776
777
778
778779
779780
780781
781
782
782783
783784
784785
......
793794
794795
795796
796
797
797
798798
799799
800800
801
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
802823
803824
804825
int ParseXMLFile( char * buffer, TagPtr * dict )
{
long length, pos;
TagPtr tag;
TagPtr tag = 0;
pos = 0;
char *configBuffer;
char *dirspec[] = {
"rd(0,0)/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"bt(0,0)/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"rd(0,0)/OS X Install Data/com.apple.Boot.plist",
"/OS X Install Data/com.apple.Boot.plist",
"bt(0,0)/OS X Install Data/com.apple.Boot.plist",
"rd(0,0)/Mac OS X Install Data/com.apple.Boot.plist",
"/Mac OS X Install Data/com.apple.Boot.plist",
"bt(0,0)/Mac OS X Install Data/com.apple.Boot.plist"
"bt(0,0)/Library/Preferences/SystemConfiguration/com.apple.Boot.plist"
};
char *dirspecInstall[] = {
"rd(0,0)/%s/com.apple.Boot.plist",
"/%s/com.apple.Boot.plist",
"bt(0,0)/%s/com.apple.Boot.plist"
};
char tmp[60];
config_file_t *config = &bootInfo->SystemConfig;
int i, fd, count, ret=-1, fixedsize;
int i, fd, count, fixedsize;
for(i = 0; (unsigned)i< sizeof(dirspec)/sizeof(dirspec[0]); i++)
{
// build xml dictionary
ParseXMLFile(config->plist, &config->dictionary);
safe_set_env(envSysConfigValid,true);
ret=0;
break;
return 0;
}
}
return ret;
BVRef bvr = ((BVRef)(uint32_t)get_env(envgBootVolume));
for(i = 0; (unsigned)i< sizeof(dirspecInstall)/sizeof(dirspecInstall[0]); i++)
{
snprintf(tmp, sizeof(tmp),dirspecInstall[i], bvr->OSInstall);
if ((fd = open(tmp)) >= 0)
{
// read file
fixedsize = MIN(file_size(fd),IO_CONFIG_DATA_SIZE);
count = read(fd, config->plist, fixedsize);
close(fd);
if (count != fixedsize) continue;
// build xml dictionary
ParseXMLFile(config->plist, &config->dictionary);
safe_set_env(envSysConfigValid,true);
return 0;
}
}
return -1;
}
#ifdef BOOT_HELPER_SUPPORT
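Review bot: The added loop dereferences `bvr` in `snprintf(tmp, sizeof(tmp),dirspecInstall[i], bvr->OSInstall);` straight after casting the result of get_env(envgBootVolume), without checking that a boot volume is set or that OSInstall is non-empty. If get_env can return 0 here this is a NULL dereference, and an empty OSInstall yields paths such as `rd(0,0)//com.apple.Boot.plist`; `if (!bvr || bvr->OSInstall[0] == '\0') return -1;` before the loop covers both. As in the first loop, the int returned by ParseXMLFile is ignored and envSysConfigValid is set to true whatever the parser reports for the plist read from disk, so the flag would be more trustworthy if it were set only after a successful parse. The enclosing function starts outside the section.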
branches/cparm/i386/libsaio/convert.c
77
88
99
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
1036
1137
1238
#include "convert.h"
/** convert URL to a string */
char * newStringFromURL(char* string)
{
char * buffer = newString(string);
int maxlen = strlen(buffer);
// replace "%20" by spaces.
int len = 0;
while (buffer[len] != '\0') {
if (buffer[len] == '%' && buffer[len+1] == '2' && buffer[len+2] == '0')
{
buffer[len] = ' ';
strlcpy(&buffer[len+1], &buffer[len+3], maxlen - (len+1));
}
len++;
}
//DBG("%s maxlen : %d, newlen : %lu\n",buffer, maxlen, strlen(buffer));
// This will leak a little bit, i mean as you can see the final string will be slightly smaller than the allocated string buffer,
// to fix this you can realloc the buffer, or do another newString(xxx) then free the first buffer, i choose to do nothing.
return buffer ;
}
/** Transform a 16 bytes hexadecimal value UUID to a string */
const char * getStringFromUUID(const EFI_CHAR8* eUUID)
{
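Review bot: newStringFromURL calls `strlen(buffer)` on the result of newString() before anything checks it, although the caller in disk.c tests the return value with `if (!buffer)`; if newString() can return NULL, the failure is dereferenced here instead of being reported. The in-place shift `strlcpy(&buffer[len+1], &buffer[len+3], maxlen - (len+1));` also copies between overlapping regions of one buffer, which the strlcpy contract does not define and which depends on how libsa's optimized copy walks memory. Decoding with separate read and write positions, as sketched below, removes the overlapping copy and the `maxlen` bookkeeping while producing the same output. Only `%20` is decoded, so other percent-escapes pass through unchanged; the doc comment should say so, and the "leak" remark is better worded as unused slack at the end of the allocation.

```c
char * newStringFromURL(char* string)
{
    char * buffer = newString(string);
    if (!buffer) return NULL;

    // decode "%20" in place: rd scans the input, wr trails it,
    // so no overlapping copy is needed
    char *rd = buffer;
    char *wr = buffer;
    while (*rd != '\0') {
        if (rd[0] == '%' && rd[1] == '2' && rd[2] == '0') {
            *wr++ = ' ';
            rd += 3;
        } else {
            *wr++ = *rd++;
        }
    }
    *wr = '\0';

    return buffer;
}
```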
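--- a/branches/cparm/i386/libsaio/saio_types.h
+++ b/branches/cparm/i386/libsaio/saio_types.h
@@ -282,6 +282,7 @@
 bool filtered; /* newFilteredBVChain() will set to TRUE */
 bool visible; /* will shown in the device list */
 char OSVersion[8];
+char OSInstall[30];
 bool kernelfound; /* mach_kernel found in default location, currently only /mach_kernel is supported */
 bool OSisServer; /* 1 = OS X server , 0 = OS X client, not to be confused with Platform->CPU.isServer which means it tries to emulate an xserve in the smbios */
 };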
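Review bot: `char OSInstall[30];` introduces a bare size that two other places in this commit depend on. getOSInstallURL truncates into it with strlcpy, and the `char tmp[60]` path buffer in stringTable.c only just holds the longest device prefix plus a 29-character name plus `/com.apple.Boot.plist`. A named constant shared by the field and the path buffer would keep those sizes from drifting apart, and a field comment such as `/* install data directory name decoded from .IAProductInfo, NUL-terminated */` would match the neighbouring fields. The struct definition starts outside the section.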
branches/cparm/i386/libsaio/convert.h
1717
1818
1919
20
2021
2122
2223
EFI_CHAR8* getUUIDFromString(const char *source);
void *convertHexStr2Binary(const char *hexStr, int *outLength);
uint32_t ascii_hex_to_int(char *buff);
char * newStringFromURL(char* string);
static inline uint16_t dp_swap16(uint16_t toswap)
{
branches/cparm/i386/libsaio/fake_efi.c
613613
614614
615615
616
616
617617
618618
619619
620
620
621
622
623
624
621625
622626
623
624
627
625628
626629
627
628630
629631
630
632
631633
632
633
634
634635
636
637
638
639
635640
636641
637642
EFI_CHAR16* dst = 0;
if (!key || !(*key) || !src) return 0;
if (!key || !(*key) || !src) goto error;
int tmp_len = strlen(src);
dst = (EFI_CHAR16*) malloc( ((tmp_len)+1) * 2 );
*len = ((tmp_len)+1) * 2; // return the CHAR16 bufsize in cluding zero terminated CHAR16
if (!(*len > 0)) goto error;
dst = (EFI_CHAR16*) malloc( *len );
if (!dst)
{
*len = 0;
return NULL;
goto error;
}
*len = tmp_len;
{
size_t i = 0;
for (; i < (*len); i++) dst[i] = src[i];
for (; i < (tmp_len); i++) dst[i] = src[i];
}
dst[(*len)] = '\0';
*len = ((*len)+1)*2; // return the CHAR16 bufsize in cluding zero terminated CHAR16
dst[(tmp_len)] = '\0';
return dst;
error:
*len = 0;
return NULL;
}
/*
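Review bot: The size is still derived from `int tmp_len = strlen(src);`, so `*len = ((tmp_len)+1) * 2;` is computed in signed int, and the new `if (!(*len > 0)) goto error;` catches a wrapped value only if `*len` is itself signed; if `len` points to an unsigned type the check fires for zero alone. Holding the length in `size_t` and bounding it before the multiplication makes the guard independent of the type of `*len`. The new `error:` label writes `*len = 0` on every failure path, including the first argument check, yet `len` is never tested for NULL; `if (!len) return NULL;` ahead of that check would be consistent with the other pointer tests. The copy `dst[i] = src[i]` widens each byte to EFI_CHAR16, which sign-extends bytes above 0x7F if src is plain char, so `dst[i] = (unsigned char)src[i];` is safer. The function's signature is outside the section, so the types of `src` and `len` are inferred.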
branches/cparm/i386/boot2/boot.c
683683
684684
685685
686
686
687687
688
688
689689
690690
691691
}
} while (0);
}
do {
if (trycache == true)
if (trycache == true || forcecache == true)
{
bootFile = gBootKernelCacheFile;
verbose("Loading kernel cache %s\n", bootFile);
branches/cparm/i386/modules/ACPICodec/acpi_codec.c
216216
217217
218218
219
220
221
222
223
219
220
221
222
223
224
225
226
224227
225228
226229
......
233236
234237
235238
236
237
238
239
239
240
241
242
243
244
245
240246
241247
242248
......
15811587
15821588
15831589
1584
1590
15851591
15861592
15871593
......
17591765
17601766
17611767
1762
1768
17631769
17641770
17651771
......
49144920
49154921
49164922
4917
4923
49184924
49194925
49204926
for (index = 0; index < (MAX_ACPI_TABLE + RESERVED_AERA); index++)
{
if (*(U32 *) (table_array[index]->Signature) == Signature)
{
*retIndex = index;
return table_array[index] ;
}
if (table_array[index])
{
if (*(U32 *) (table_array[index]->Signature) == Signature)
{
*retIndex = index;
return table_array[index] ;
}
}
}
return (void*)0ul;
}
for (index = 0; index < (MAX_ACPI_TABLE + RESERVED_AERA); index++)
{
if (*(U32 *) (table_array[index]->Signature) == Signature)
{
InstalledTables++ ;
}
if (table_array[index])
{
if (*(U32 *) (table_array[index]->Signature) == Signature)
{
InstalledTables++ ;
}
}
}
return InstalledTables;
}
* expert mode : 1 , mean add only p-states found in boot.plist
*/
TagPtr PstateTag;
TagPtr PstateTag = 0;
U32 pstate_tag_count = 0;
{
{
{
TagPtr CstateTag;
TagPtr CstateTag = 0;
U32 entry_count = 0;
if (personality->dictionary)
if (rsdp == (void*)0ul || (GetChecksum(rsdp, (rsdp->Revision == 0) ? ACPI_RSDP_REV0_SIZE:sizeof(ACPI_TABLE_RSDP)) != 0) )
{
printf("Error : ACPI RSD PTR Revision %d checksum is incorrect or table not found \n",rsdp->Revision );
printf("Error : ACPI RSD PTR checksum is incorrect or table not found \n");
Register_Acpi_Efi(NULL, 0);
return EFI_UNSUPPORTED;
}
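Review bot: Both lookup loops still compare signatures with `*(U32 *) (table_array[index]->Signature) == Signature`, which reads the Signature field through a U32 pointer; if that field is a character array, as the cast suggests, this is a type-punned and possibly unaligned access that strict-aliasing optimisation may mishandle. `memcmp(table_array[index]->Signature, &Signature, sizeof(U32)) == 0` expresses the same test without the cast, and since the same NULL check plus compare now appears in two functions it could live in one small static helper. In the first loop `*retIndex = index;` is written without checking retIndex, which is worth confirming against the callers. The RSDP hunk rightly stops printing `rsdp->Revision` when rsdp may be null, but it no longer distinguishes a missing table from a bad checksum; splitting the condition would keep both the safety and the diagnostic. All of these functions begin outside the visible hunks.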
branches/cparm/i386/libsa/libsa.h
5555
5656
5757
58
59
60
5861
5962
6063
......
109112
110113
111114
112
113
114
115
116
117
118115
119116
120117
#define isxdigit(c) ((c >= '0' && c <= '9') || (c >= 'A' && c <= 'F') || (c >= 'a' && c <= 'f'))
#define ispunct(c) (c == '.' || c == '-') //Azi: TODO - add more ponctuation characters as needed; at least these two, i need for PartNo.
typedef char* caddr_t;
/*
* string.c
*/
extern unsigned long long strtouq(const char *nptr, char ** endptr, int base);
/*
* prf.c
*/
//extern int prf(const char * fmt, va_list ap, void (*putfn_p)(),
// void * putfn_arg);
/*
* printf.c
*/
extern int sprintf(char *s, const char * format, ...);
branches/cparm/i386/libsa/printf.c
651651
652652
653653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
654
retval = vsnprintf(str, size, format, ap);
va_end(ap);
return(retval);
}
#if 0
/*
* Copyright (c) 1999-2003 Apple Computer, Inc. All rights reserved.
*
* @APPLE_LICENSE_HEADER_START@
*
* Portions Copyright (c) 1999-2003 Apple Computer, Inc. All Rights
* Reserved. This file contains Original Code and/or Modifications of
* Original Code as defined in and that are subject to the Apple Public
* Source License Version 2.0 (the "License"). You may not use this file
* except in compliance with the License. Please obtain a copy of the
* License at http://www.apple.com/publicsource and read it before using
* this file.
*
* The Original Code and all software distributed under the License are
* distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE OR NON- INFRINGEMENT. Please see the
* License for the specific language governing rights and limitations
* under the License.
*
* @APPLE_LICENSE_HEADER_END@
*/
/*
* Mach Operating System
* Copyright (c) 1990 Carnegie-Mellon University
* Copyright (c) 1989 Carnegie-Mellon University
* Copyright (c) 1988 Carnegie-Mellon University
* Copyright (c) 1987 Carnegie-Mellon University
* All rights reserved. The CMU software License Agreement specifies
* the terms and conditions for use and redistribution.
*/
/*
* Copyright (c) 1982, 1986 Regents of the University of California.
* All rights reserved. The Berkeley software License Agreement
* specifies the terms and conditions for redistribution.
*
*@(#)prf.c7.1 (Berkeley) 6/5/86
*/
#include <sys/param.h>
#define SPACE1
#define ZERO2
#define UCASE 16
/*
* Scaled down version of C Library printf.
* Used to print diagnostic information directly on console tty.
* Since it is not interrupt driven, all system activities are
* suspended.
*
*/
/*
* Printn prints a number n in base b.
* We don't use recursion to avoid deep kernel stacks.
*/
static int
printn(u_long n, int b, int flag, int minwidth, void (*putfn_p)(int ch, void *arg), void *putfn_arg)
{
char prbuf[11];
register char *cp;
int width = 0, neg = 0, len = 0;
if (b == 10 && (int)n < 0) {
neg = 1;
n = (unsigned)(-(int)n);
}
cp = prbuf;
do {
*cp++ = "0123456789abcdef0123456789ABCDEF"[(flag & UCASE) + n%b];
n /= b;
width++;
} while (n);
if (neg) {
(*putfn_p)('-', putfn_arg);
width++;
len++;
}
while (width++ < minwidth)
{
(*putfn_p)( (flag & ZERO) ? '0' : ' ', putfn_arg);
len++;
}
do
{
(*putfn_p)(*--cp, putfn_arg);
len++;
} while (cp > prbuf);
return len;
}
int __doprnt(
const char *fmt,
va_list argp,
void (*putfn_p)(int ch, void *arg),
void *putfn_arg,
int radix
)
{
int b, c, len =0;
char *s;
int flag = 0, width = 0;
int minwidth;
unsigned int *adx = (unsigned int*)argp;
loop:
while ((c = *fmt++) != '%') {
if(c == '\0')
return len;
if (putfn_p) {
(*putfn_p)(c, putfn_arg);
}
len++;
}
minwidth = 0;
again:
c = *fmt++;
switch (c) {
case 'l':
goto again;
case ' ':
flag |= SPACE;
goto again;
case '0':
if (minwidth == 0) {
/* this is a flag */
flag |= ZERO;
goto again;
} /* fall through */
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
minwidth *= 10;
minwidth += c - '0';
goto again;
case 'X':
flag |= UCASE;
/* fall through */
case 'x':
b = 16;
goto number;
case 'd':
b = 10;
goto number;
case 'o': case 'O':
b = 8;
number:
len += printn((u_long)*adx, b, flag, minwidth, putfn_p, putfn_arg);
break;
case 's':
s = (char *)*adx;
while ((c = *s++)) {
if (putfn_p) {
(*putfn_p)(c, putfn_arg);
}
len++;
width++;
}
while (width++ < minwidth) {
if (putfn_p) {
(*putfn_p)(' ', putfn_arg);
}
len++;
}
break;
case 'c':
if (putfn_p) {
(*putfn_p)((char)*adx, putfn_arg);
}
len++;
break;
default:
break;
}
adx++;
goto loop;
}
#endif
}
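Review bot: This section adds roughly 190 lines of the old prf.c formatter under `#if 0`, which puts dead code into a commit described as security fixes. Version history already preserves it, so either drop the block or add a comment above `#if 0` saying why it stays, e.g. `/* legacy prf.c formatter, kept for reference only; do not enable without review */`. If it is ever re-enabled it needs work first: printn calls `(*putfn_p)` unconditionally while __doprnt guards every call with `if (putfn_p)`, `unsigned int *adx = (unsigned int*)argp;` walks the va_list as a raw int array, and the `%s` case dereferences its argument without a NULL check.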
branches/cparm/i386/libsa/zalloc.c
3232
3333
3434
35
35
3636
3737
3838
#include "libsa.h"
#include "memory.h"
#define ZDEBUG 1
#define ZDEBUG 0
#if ZDEBUG
int zout;


Revision: 2115