On Tue, Oct 23, 2007 at 09:06:16PM +0200, Christian Franke wrote:
> +/* Check memory address */
> +static int
> +addr_is_valid (grub_addr_t addr)
> +{
> +  volatile unsigned char * p = (volatile unsigned char *)addr;
> +  unsigned char x, y;
> +  x = *p;
> +  *p = x ^ 0xcf;
> +  y = *p;
> +  *p = x;
> +  return y == (x ^ 0xcf);
> +}
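
Review bot: The write probe at `*p = x ^ 0xcf` changes the byte under test, and the comment "Check memory address" does not say so. Please document that the function temporarily modifies and then restores the byte, so callers know not to use it on memory that is live during the call. It also tests a single byte with a single pattern, so a pass only shows that this one location holds a written value.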

0xff would be better IMO.

> +  if (!(addr + size > addr && addr_is_valid (addr) && addr_is_valid 
> (addr+size-1)))
> +    grub_fatal ("invalid memory region %p - %p", (char*)addr, 
> (char*)addr+size-1);
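
Review bot: In the `addr + size > addr` test, a region whose last byte is the highest address is rejected, because `addr + size` wraps to 0 there even though `addr+size-1` is a valid address (assuming both operands are unsigned; their types are not visible in this hunk). Consider comparing `size - 1` against the distance from `addr` to the top of the address space, and add a comment stating that the test is an overflow check. Only the first and last bytes are probed, so a hole in the middle of the region goes undetected.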

Should `addr + size > addr' be optimized out as `size > 0' ?  (or if we need it
this way to check for overflows, should we prevent gcc from optimizing it?)

-- 
Robert Millan

<GPLv2> I know my rights; I want my phone call!
<DRM> What use is a phone call, if you are unable to speak?
(as seen on /.)
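
An added example, not part of the original message or the GRUB patch, comparing the quoted `addr + size > addr` test with an explicit bound that never relies on wraparound. With unsigned operands C defines the wraparound, so a compiler may not reduce the comparison to `size > 0`; that folding is only allowed for signed or pointer arithmetic, where overflow is undefined. `addr_t` is an assumed 32-bit unsigned stand-in for `grub_addr_t`, and `region_ok_explicit` is a hypothetical name.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: a 32-bit unsigned stand-in for grub_addr_t. */
typedef uint32_t addr_t;

/* The form from the quoted hunk. Unsigned addition wraps modulo 2^32 by
   definition, so this comparison is well defined and must be evaluated. */
static int region_ok_wrapping (addr_t addr, addr_t size)
{
  return addr + size > addr;
}

/* Hypothetical alternative: no intermediate value can wrap. Accepts a
   non-empty region whose last byte is at or below the highest address. */
static int region_ok_explicit (addr_t addr, addr_t size)
{
  return size != 0 && size - 1 <= UINT32_MAX - addr;
}

int main (void)
{
  /* Constructed sample regions. */
  static const struct { addr_t addr, size; } t[] = {
    { 0x00001000u, 0x00000100u },  /* ordinary region */
    { 0x00001000u, 0x00000000u },  /* empty region */
    { 0xffffff00u, 0x00000200u },  /* runs past the top: wraps */
    { 0xffffff00u, 0x00000100u },  /* ends exactly at the top */
  };
  for (unsigned i = 0; i < sizeof t / sizeof t[0]; i++)
    printf ("addr=%08lx size=%08lx wrapping=%d explicit=%d\n",
            (unsigned long) t[i].addr, (unsigned long) t[i].size,
            region_ok_wrapping (t[i].addr, t[i].size),
            region_ok_explicit (t[i].addr, t[i].size));
  return 0;
}
```

The two checks agree on every sample except the last, where the region ends exactly at the highest address.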


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel
