Permalink
Browse files

Restrict terminal size to 255x255 max to avoid uint8 overflow.

grub's terminal subsystem encodes x/y coordinates in a uint16.
When running grub-emu, it's not difficult to set up a terminal
with a size larger than this. The curses library routine will
return an int for the maximum x/y offsets for the window,
and dropping these into an int16 confuses grub.

Fix by clamping the returned size to 255 for x/y.
  • Loading branch information...
1 parent 10795f1 commit 70ace4fd43f5017d4aacc920017b5641c9d45431 @grehan-freebsd committed Apr 16, 2014
Showing with 16 additions and 0 deletions.
  1. +16 −0 grub-core/term/emu/console.c
@@ -42,6 +42,12 @@
#error What the hell?
#endif
+#ifdef BHYVE /* should include <sys/param.h> */
+#ifndef MIN
+#define MIN(a,b) (((a)<(b))?(a):(b))
+#endif
+#endif
+
static int grub_console_attr = A_NORMAL;
grub_uint8_t grub_console_cur_color = 7;
@@ -176,6 +182,11 @@ grub_ncurses_getxy (struct grub_term_output *term __attribute__ ((unused)))
getyx (stdscr, y, x);
+#ifdef BHYVE
+ x = MIN(x, 255);
+ y = MIN(y, 255);
+#endif
+
return (x << 8) | y;
}
@@ -187,6 +198,11 @@ grub_ncurses_getwh (struct grub_term_output *term __attribute__ ((unused)))
getmaxyx (stdscr, y, x);
+#ifdef BHYVE
+ x = MIN(x, 255);
+ y = MIN(y, 255);
+#endif
+
return (x << 8) | y;
}

0 comments on commit 70ace4f

Please sign in to comment.