From: Michael Brown <mcb30@ipxe.org>
Date: Tue, 13 Jun 2017 12:16:26 +0000 (+0100)
Subject: [hdprefix] Avoid attempts to read beyond the end of the disk
X-Git-Tag: v1.20.1~198
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=84e25513b1ce6aeb4f0d6c9d20cd687c00591de8;p=thirdparty%2Fipxe.git

[hdprefix] Avoid attempts to read beyond the end of the disk

When booting from a hard disk image (e.g. bin/ipxe.usb) within an
emulator such as QEMU, the disk may not exist beyond the end of the
image.  Limit all reads to the length of the image to avoid spurious
errors when loading the iPXE image.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---

diff --git a/src/arch/x86/prefix/hdprefix.S b/src/arch/x86/prefix/hdprefix.S
index 24f5d3850..28c8a532d 100644
--- a/src/arch/x86/prefix/hdprefix.S
+++ b/src/arch/x86/prefix/hdprefix.S
@@ -27,14 +27,18 @@ load_image:
 	popw	%es
 	popal
 	
-1:	/* Read to end of current track */
+1:	/* Read to end of current track (or end of image) */
 	movb	%cl, %al
 	negb	%al
 	addb	max_sector, %al
 	incb	%al
 	andb	$0x3f, %al
 	movzbl	%al, %eax
-	call	*read_sectors
+	movl	load_length, %ebx
+	cmpl	%eax, %ebx
+	ja	2f
+	movl	%ebx, %eax
+2:	call	*read_sectors
 	jc	load_failed
 	
 	/* Update %es */
@@ -53,12 +57,12 @@ load_image:
 	orb	$0x01, %cl
 	incb	%dh
 	cmpb	max_head, %dh
-	jbe	2f
+	jbe	3f
 	xorb	%dh, %dh
 	incb	%ch
-	jnc	2f
+	jnc	3f
 	addb	$0xc0, %cl
-2:
+3:
 	/* Loop until whole image is read */
 	subl	%eax, load_length
 	ja	1b