Picked from the commit at fe1c4dc7fe
The referenced issue is at https://github.com/dosemu2/fdpp/issues/212
The patch was applied using unix2dos on the patch file
then `patch -p1 --binary` with the patch file as stdin.
The original used a new define for the maximum path length.
As there is no difference to our current SFTMAX define I
changed this hunk to retain the SFTMAX use.
This fixes a bug when e.g. function 3Dh receives a buffer
that starts with ".\" but the byte in memory before this
buffer happens to be also a dot. I ran into this problem
semi-randomly during building EDR-DOS with the most recent
WarpLink build. If WarpLink was placed somewhat low in the
Low Memory Area then one of its function 3Dh calls would
happen to have a dot before the pathname buffer. (I had to
load lCDebug using the last fit strategy then enter TSR mode,
to catch the bug without the presence of the debugger working
around the occurrence of the bug.)
Original commit Metadata:
From: Stas Sergeev <stsp@users.sourceforge.net>
Date: Wed, 1 Feb 2023 13:01:55 +0500
Subject: [PATCH] truename: fix array overrun [fixes#212]
src[-2] was peeking into a random memory location.
It seems the entire truename() is written by some morons... :(
It's completely unreadable and full of bugs.
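The src[-2] read described above is illustrated here with an added example that is not the kernel's truename.c: a hypothetical helper that wants to know whether the byte two positions back is a dot, first peeking blindly, then bounded by the buffer start. The layout of `region` is constructed so that the path buffer begins with ".\" and the byte just before it happens to be another dot.

```c
#include <stddef.h>

/* Constructed memory layout: the path buffer handed to the parser starts
   at region + 2 and reads ".\FILE"; region[0] is a stray '.' that sits
   in memory just before the buffer (the situation from the bug report). */
static const char region[] = ". .\\FILE";
static const char *const path_buf = region + 2;

/* Unsafe form: peeks at src[-2] without knowing where the buffer starts.
   At the buffer start this reads a byte that belongs to something else. */
static int unsafe_prev_is_dot(const char *src)
{
    return src[-2] == '.';
}

/* Bounded form: only looks back when at least two bytes of the buffer
   have been consumed, so it can never read before the buffer start. */
static int safe_prev_is_dot(const char *start, const char *src)
{
    return (src - start) >= 2 && src[-2] == '.';
}

/* At the very start of the buffer: the unsafe peek sees the stray dot
   in region[0] and wrongly reports a match. */
int demo_unsafe_at_start(void)
{
    return unsafe_prev_is_dot(path_buf);   /* 1: false positive */
}

/* Same position with the bounded check: nothing consumed yet, no match. */
int demo_safe_at_start(void)
{
    return safe_prev_is_dot(path_buf, path_buf);   /* 0 */
}

/* Two bytes into the buffer (past ".\"): the bounded check may look back
   and correctly finds the '.' that belongs to the buffer itself. */
int demo_safe_after_dot_backslash(void)
{
    return safe_prev_is_dot(path_buf, path_buf + 2);   /* 1 */
}
```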
lDebug wants to access the environment while executing
as a device driver. Instead of building it in a variable
then copying it to 68h:0 after FDCONFIG.SYS processing,
just build it there to begin with.
To be able to return free space on larger non local disks, the redirector
needs an extension. Dosemu2 has implemented this function and FDPP
has an almost identical patch to this. If the extension is not
implemented by your chosen redirector, then fallback to the standard
110c function is done for int21/7303.
With this patch up to 2TB (with Dosemu2 reporting in 512 blocks) can be
displayed.
This should be compatible with Enhanced DR-DOS.
Tested by building a boot image like the following:
nasm ../ldosmbr/oldmbr.asm -o oldmbr.bin
nasm ../ldosboot/boot.asm -D_FAT16=1 -I ../lmacros/ \
-D_LOAD_NAME="'LDEBUG'" -o boot16.bin
nasm bootimg.asm -I ../lmacros/ -o disk16.img \
-D_MBR -D_ALIGNDATA -D_BOOTPATCHFILE=boot16.bin \
-D_MBRPATCHFILE=oldmbr.bin -D_BPE=16 \
-D_SPI='(_SPC * 5000)' -D_NUMROOT=512 -D_SPC=256 \
-D_SPF='((_SPI / _SPC + 255) / 256)' \
-D_PAYLOADFILE=../ldebug/bin/ldebug.com,quit.com,\
::rename,../k256spc/bin/kernel.sys,kernel.sys,\
command.com,::fill,1,32,autoexec.bat
The repos bootimg, ldosboot, ldosmbr, and lmacros are
available at https://hg.pushbx.org/ecm/
The file ldebug.com is a recent bootable lDebug debugger.
The file command.com is a recent FreeCOM. The file quit.com
is assembled with NASM from
https://hg.pushbx.org/ecm/ldebug/file/e6035c05670a/misc/quit.asm
Run like this:
qemu-system-i386 -hda disk16.img -boot order=c -display curses
To the lDebug prompt "-" enter "boot protocol freedos",
then a "q" command. On success, the quit.com command
can be run to quit the qemu VM.
Not yet done:
- initdisk.c:512 uses MAXCLUSTSIZE defined to 128. This is
not difficult to change but it is unclear whether this
should be changed.
- The boot loaders are not yet adjusted, requiring use of
the ldosboot or lDebug loaders instead.
- A patch for FORMAT (copylefted) version 0.91u is available
from the Enhanced DR-DOS project. Mirrored in the directory at
https://pushbx.org/ecm/download/edrdos/freedos/
This should be easy enough to update to the most recent version.
This format has several advantages:
* The CONFIG block need not be moved.
* The entire compressed image (depacker and payload) need
not be moved another time before the UPX depacker's own
operation.
* The CONFIG block always lives at 00602h, and the kernel
need not be aware whether it was compressed for detecting
which CONFIG block to use.
* Support for compressed images beyond 64 KiB for free.
(The assembly define TEST_FILL_INIT_TEXT can be passed in
NASMENV to test this support with 32 KiB of LFSR output.)
* A subsequent commit will shorten the stub to 64 bytes,
compared to the prior 32 + 45 = 77 bytes, with no loss
of features. (The packed payload is a bit shorter too.)
* The new stub also sets ds and es to the segment value
that would point to the DOS/EXE process's PSP. This is
apparently not used by the UPX depacker but could be in
a future or past version, or if another packer is used.
Some assembly tricks:
* SMC instead of checking the XMS driver address
in the DOS DS stub,
* SMC so that the address goes right into a
`call far immediate` instruction,
* use `repe cmpsw` to compare multiple words (saves
space over the individual word compares),
* near calls to far functions use push cs to build
a far-call stack frame,
* segments 0 and FFFFh generated by segment arithmetic
instead of loading from memory,
* common case (A20 already enabled) made to be the case
where the conditional branch just falls through, which
may be slightly better.
A crash was introduced by the prior commit, ee255d2. I
tested that the kernel still did build with gcc, but I
failed to test whether it also still runs. Turns out that
apparently changing the pointers to static made it so gcc
put the structure into the init data segment and
implicitly called memcpy to put it on the stack. That's
wrong, however. We depend on #define to convert all calls
in init to the init text copies of memcpy etc. The
implicit call by gcc however attempts to call the HMA text
copy of memcpy which happens to be at another offset.
The fix is to make the entire array of structs static so
that memory for it is allocated only in the init data
segment, not on the stack. This seems to work for both
gcc and OpenWatcom (no warnings, it builds, it runs).
CONFIG takes precedence and is by default initialised
to the empty string, that is, skipped. ALTCONFIG is
used to specify the 'alternative' filename and defaults
to fdconfig.sys. Finally, OLDCONFIG defaults to the
config.sys filename.
The protocol for this extension is based on what lDebug
already does given the PROTOCOL=FREEDOS with the switch
CMDLINE=1 (which was originally defined for the lDOS and
RxDOS load protocols). Therefore the stack frame mirrors
that of the lDOS protocol.
Also adds a CheckDebugger byte to the CONFIG block and
support for reading and writing this setting in the
SYS CONFIG program. Default is 0 (no check, assume absent).
Here we depend on the signal instruction that is patched
by exeflat to indicate whether we were compressed. This
replaces the prior check that detected the UPX help data
solely by checking the CONFIG signature at 05E2h.
This commit does not change the behaviour of the code
as it already did the right thing. However, it notes
that that should happen. (This is DR DOS compatible.
For example, SHSUCDX depends on DR DOS setting this
segment so that it can keep track of the DOS DS
across it being relocated. We do not yet relocate it
but keeping a reference here is still useful.)