gapz@dud-t . org noted that sparc64 installboot crashes if the bootblock is

zero-sized.  Apply similar fixes to installboot for other architectures.

5 files changed, 32 insertions, 17 deletions

diff --git a/sys/arch/mvme68k/stand/installboot/installboot.c b/sys/arch/mvme68k/stand/installboot/installboot.c
index 42784e46178..c88e4095c4a 100644
--- a/sys/arch/mvme68k/stand/installboot/installboot.c
+++ b/sys/arch/mvme68k/stand/installboot/installboot.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: installboot.c,v 1.12 2008/01/30 02:13:04 krw Exp $ */
+/*	$OpenBSD: installboot.c,v 1.13 2010/11/19 18:11:19 deraadt Exp $ */
 /*	$NetBSD: installboot.c,v 1.5 1995/11/17 23:23:50 gwr Exp $ */
 
 /*
@@ -386,7 +386,7 @@ vid_to_disklabel(char *dkname, char *bootproto)
 	char *specname;
 	int exe_file, f;
 	struct mvmedisklabel *pcpul;
-	struct stat stat;
+	struct stat sb;
 	unsigned int exe_addr;
 	unsigned short exe_addr_u;
 	unsigned short exe_addr_l;
@@ -414,12 +414,15 @@ vid_to_disklabel(char *dkname, char *bootproto)
 	pcpul->version = 1;
 	strncpy(pcpul->vid_id, "M68K", 4);
 
-	fstat(exe_file, &stat);
+	if (fstat(exe_file, &sb);
+		err(1, "fstat: %s", bootproto);
+	if (sb.st_size < 0x20)
+		errx(1, "%s is too small", bootproto);
 
 	/* size in 256 byte blocks round up after a.out header removed */
 
 	pcpul->vid_oss = 2;
-	pcpul->vid_osl = (((stat.st_size -0x20) +511) / 512) *2;
+	pcpul->vid_osl = (((sb.st_size -0x20) +511) / 512) *2;
 
 	lseek(exe_file, 0x14, SEEK_SET);
 	read(exe_file, &exe_addr, 4);
diff --git a/sys/arch/mvme88k/stand/installboot/installboot.c b/sys/arch/mvme88k/stand/installboot/installboot.c
index 861a56d590d..14ad8ae8772 100644
--- a/sys/arch/mvme88k/stand/installboot/installboot.c
+++ b/sys/arch/mvme88k/stand/installboot/installboot.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: installboot.c,v 1.10 2007/06/17 00:28:56 deraadt Exp $ */
+/*	$OpenBSD: installboot.c,v 1.11 2010/11/19 18:11:21 deraadt Exp $ */
 /*	$NetBSD: installboot.c,v 1.5 1995/11/17 23:23:50 gwr Exp $ */
 
 /*
@@ -423,12 +423,15 @@ char *bootproto;
 	pcpul->version = 1;
 	memcpy(pcpul->vid_id, "M88K", sizeof pcpul->vid_id);
 
-	fstat(exe_file, &stat);
+	if (fstat(exe_file, &sb) == -1)
+		err(1, "fstat: %s", bootproto);
+	if (sb.st_size < 0x20)
+		errx(1, "%s is too small", bootproto);
 
 	/* size in 256 byte blocks round up after a.out header removed */
 
 	pcpul->vid_oss = 2;
-	pcpul->vid_osl = (((stat.st_size -0x20) +511) / 512) *2;
+	pcpul->vid_osl = (((sb.st_size -0x20) +511) / 512) *2;
 
 	lseek(exe_file, 0x14, SEEK_SET);
 	read(exe_file, &exe_addr, 4);
diff --git a/sys/arch/mvmeppc/stand/installboot/installboot.c b/sys/arch/mvmeppc/stand/installboot/installboot.c
index cf3f879ebb6..a093cc9583b 100644
--- a/sys/arch/mvmeppc/stand/installboot/installboot.c
+++ b/sys/arch/mvmeppc/stand/installboot/installboot.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: installboot.c,v 1.6 2007/06/17 00:28:57 deraadt Exp $ */
+/*	$OpenBSD: installboot.c,v 1.7 2010/11/19 18:11:21 deraadt Exp $ */
 /*	$NetBSD: installboot.c,v 1.5 1995/11/17 23:23:50 gwr Exp $ */
 
 /*
@@ -332,11 +332,9 @@ int	devfd;
 	fs = (struct fs *)sblock;
 
 	/* Sanity-check super-block. */
-	
-   if (fs->fs_magic != FS_MAGIC)
+	if (fs->fs_magic != FS_MAGIC)
 		errx(1, "Bad magic number in superblock");
-	
-   if (fs->fs_inopb <= 0)
+	if (fs->fs_inopb <= 0)
 		err(1, "Bad inopb=%d in superblock", fs->fs_inopb);
 
 	/* Read inode */
@@ -397,7 +395,7 @@ char *bootproto;
 	char *specname;
 	int exe_file, f;
 	struct cpu_disklabel *pcpul;
-	struct stat stat;
+	struct stat sb;
 	unsigned int exe_addr;
 	unsigned short exe_addr_u;
 	unsigned short exe_addr_l;
@@ -425,12 +423,15 @@ char *bootproto;
 	pcpul->version = 1;
 	memcpy(pcpul->vid_id, "M88K", sizeof pcpul->vid_id);
 
-	fstat(exe_file, &stat);
+	if (fstat(exe_file, &sb) == -1)
+		err(1, "fstat: %s", bootproto);
+	if (sb.st_size < 0x20)
+		errx(1, "%s is too small", bootproto);
 
 	/* size in 256 byte blocks round up after a.out header removed */
 
 	pcpul->vid_oss = 2;
-	pcpul->vid_osl = (((stat.st_size -0x20) +511) / 512) *2;
+	pcpul->vid_osl = (((sb.st_size -0x20) +511) / 512) *2;
 
 	lseek(exe_file, 0x14, SEEK_SET);
 	read(exe_file, &exe_addr, 4);
diff --git a/sys/arch/sparc/stand/installboot/installboot.c b/sys/arch/sparc/stand/installboot/installboot.c
index 4ba461e7391..abd88570b0e 100644
--- a/sys/arch/sparc/stand/installboot/installboot.c
+++ b/sys/arch/sparc/stand/installboot/installboot.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: installboot.c,v 1.4 2003/08/25 23:36:46 tedu Exp $	*/
+/*	$OpenBSD: installboot.c,v 1.5 2010/11/19 18:11:21 deraadt Exp $	*/
 /*	$NetBSD: installboot.c,v 1.1 1997/06/01 03:39:45 mrg Exp $	*/
 
 /*
@@ -238,6 +238,12 @@ loadprotoblocks(fname, size)
 		close(fd);
 		return NULL;
 	}
+	if (statbuf.st_size == 0) {
+		warn(1, "%s is empty", fname);
+		close(fd);
+		return NULL;
+	}
+
 	if ((bp = calloc(roundup(statbuf.st_size, DEV_BSIZE), 1)) == NULL) {
 		warnx("malloc: %s: no memory", fname);
 		close(fd);
diff --git a/sys/arch/sparc64/stand/installboot/installboot.c b/sys/arch/sparc64/stand/installboot/installboot.c
index a1e60d544ad..0699cda4257 100644
--- a/sys/arch/sparc64/stand/installboot/installboot.c
+++ b/sys/arch/sparc64/stand/installboot/installboot.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: installboot.c,v 1.7 2008/06/26 05:42:13 ray Exp $	*/
+/*	$OpenBSD: installboot.c,v 1.8 2010/11/19 18:11:21 deraadt Exp $	*/
 /*	$NetBSD: installboot.c,v 1.8 2001/02/19 22:48:59 cgd Exp $ */
 
 /*-
@@ -196,6 +196,8 @@ main(argc, argv)
 
 		if (fstat(protofd, &sb) < 0)
 			err(1, "fstat: %s", proto);
+		if (sb.st_size == 0)
+			errx(1, "%s is empty", proto);
 
 		/* there must be a better way */
 		blanklen = DEV_BSIZE - ((sb.st_size + DEV_BSIZE) & (DEV_BSIZE - 1));