search for: boot_len

...ion mode or our params will be * overwritten by the no emulation mode case @@ -831,7 +835,6 @@ void setup(const struct real_mode_args *rm_args_ptr) int no_bpt; /* No valid BPT presented */ uint32_t boot_seg = 0; /* Meaning 0000:7C00 */ uint32_t boot_len = 512; /* One sector */ - uint32_t boot_lba = 0; /* LBA of bootstrap code */ /* We need to copy the rm_args into their proper place */ memcpy(&rm_args, rm_args_ptr, sizeof rm_args); @@ -1027,11 +1030,12 @@ void setup(const struct real_mode_args *rm_args_ptr) pptr-&gt...

...image_len calculation is loop invariant, so some kind of boot_image_end or wpe pointer before the loop might be nicer. Unfortunately, the 8-bit boot_image_len (bytes) versus the 32-bit wp stride complicates things Maybe something like: const uint32_t * wpe = (const uint32_t *) boot_image + boot_len / sizeof *wpe; where the 'for' check could then: ... && wp < wpe We all know that it wouldn't actually bite us, but technically, if boot_image's memory's size isn't evenly divisible by 32 bits, the wp++ can land us in a position where a read access would yiel...

If the ldlinux being processed is garbage, the search for LDLINUX_MAGIC will overflow its buffer - fix that. I did encounter this issue in Rufus as, due to notorious incompatibilities between different versions of ldlinux.sys and the com32's residing on an ISO, we download a version specific ldlinux.sys from our server... which may get trashed if the user sits behind one of these

...seg) { @@ -1141,17 +1166,20 @@ relocate_rm_code(rm_base); /* Reboot into the new "disk" */ - puts("Loading boot sector... "); + if (!quiet) + puts("Loading boot sector... "); memcpy((void *)boot_base, (char *)pptr->diskbuf + boot_lba*512, boot_len); if (getcmditem("pause") != CMD_NOTFOUND) { - puts("press any key to boot... "); + puts("\n Press any key to boot... "); regs.eax.w[0] = 0; intcall(0x16, &regs, NULL); + puts("\n"); } - puts("booting...\n");...