]> Projects (at) Tadryanom (dot) Me - AdrOS.git/commit
projects / AdrOS.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 60f30d2) | patch
fix: audit and correct bugs in Fases 1-4
authorTulio A M Mendes <[email protected]>
Tue, 10 Feb 2026 08:13:16 +0000 (05:13 -0300)
committerTulio A M Mendes <[email protected]>
Fri, 13 Feb 2026 02:20:33 +0000 (23:20 -0300)
commit316d4ef4f9624b4a55537fc299a403f84af52bff
treebfa79c8d0968a632a2819b5669594537c667fe88tree | snapshot
parent60f30d25160b96eb41d744ae4e3dc687794cc2c7commit | diff
fix: audit and correct bugs in Fases 1-4

Fase 1 (CPUID):
- cpuid.c: Replace strict-aliasing-violating uint32_t* casts for
  vendor string with memcpy() to avoid UB
- cpuid.c: Increase itoa tmp buffer from 4 to 12 bytes to prevent
  potential overflow with larger APIC IDs

Fase 2 (Spinlock): No bugs found — TTAS + cpu_relax + barriers OK

Fase 3 (SYSENTER):
- sysenter.S: Add 'cld' at entry to clear direction flag. Userspace
  could leave DF=1 and SYSENTER doesn't reset EFLAGS, which would
  corrupt any kernel string/memory operations using rep movsb/stosb

Fase 4 (ulibc):
- stdio.c: Fix PUTC macro underflow — use 'pos+1 < size' instead
  of 'pos < size-1' which underflows to SIZE_MAX when size==0
- stdio.c: Fix vsnprintf(buf, 0, fmt) — was counting raw format
  chars instead of returning 0; now returns 0 immediately
- stdlib.c: Use uintptr_t instead of unsigned int for brk() pointer
  comparison to be correct on all architectures
- unistd.c: Replace 'hlt' with 'nop' in _exit() fallback loop —
  hlt is privileged and causes #GP in ring 3

Passes: make, ulibc build, cppcheck, QEMU smoke test.
src/arch/x86/cpuid.c diff | blob | blame | history
src/arch/x86/sysenter.S diff | blob | blame | history
user/ulibc/src/stdio.c diff | blob | blame | history
user/ulibc/src/stdlib.c diff | blob | blame | history
user/ulibc/src/unistd.c diff | blob | blame | history
AdrOS - A Unix-like Operating System for hobby/academic study.