about summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorKartik K. Agaram <vc@akkartik.com>2021-04-28 22:22:55 -0700
committerKartik K. Agaram <vc@akkartik.com>2021-04-28 22:22:55 -0700
commit4541bfa59b37cd226187667951eebed0c5359c83 (patch)
tree0e6f5cd801aa32ffe64ac126174ea34b4c9376d7
parentdcb6a21a911d61c51d1f54c357b5c6fcb01dd7cc (diff)
downloadmu-4541bfa59b37cd226187667951eebed0c5359c83.tar.gz
extremely threadbare null-pointer protection
This protects us from reading null arrays, but not null structs.
It also doesn't protect us from writes to address 0 itself.

It is also incredibly unsafe. According to https://wiki.osdev.org/Memory_Map_(x86),
address 0 contains the real-mode IVT. Am I sure it'll never ever get used
after I switch to protected mode? I really need a page table, something
minimal to protect the first 4KB of physical memory or something.

I wonder what other languages/OSs do to protect against really large struct
definitions.
-rw-r--r--mu-init.subx6
1 files changed, 6 insertions, 0 deletions
diff --git a/mu-init.subx b/mu-init.subx
index b60249ba..5e7ae9bb 100644
--- a/mu-init.subx
+++ b/mu-init.subx
@@ -12,6 +12,12 @@
 Entry:
   # initialize stack
   bd/copy-to-ebp 0/imm32
+  # Clear memory location 0 to ensure that uninitialized arrays run afoul of
+  # the bounds checker.
+  # TODO: This is utterly bonkers, and does not actually protect us against
+  # all null pointer reads/writes. Create a real page table sometime.
+  b8/copy-to-eax 0/imm32
+  c7 0/subop/copy *eax 0/imm32
 #?   (main 0 0 Primary-bus-secondary-drive)
   # always first run tests
   (run-tests)