authorH. Peter Anvin <hpa@zytor.com>2010-08-11 10:42:51 -0700
committerH. Peter Anvin <hpa@zytor.com>2010-08-11 10:42:51 -0700
commit5b1f5189081f677e4a578e2a6d52c60a7c082e1d (patch)
treeacf19d265b290c8b07268700cef25e6a0113367e
parent17cdc1e604dbed3c7a5aefc37a3fb303c539225e (diff)
core: look for invalid MBR handover information address
The Win7 MBR doesn't provide proper handover information. Instead, it leaves DS:SI = 0:0x7e00, so reject that information as invalid on the grounds that it points into the bootloader area. Signed-off-by: H. Peter Anvin <hpa@zytor.com>
-rw-r--r--core/diskstart.inc15
1 files changed, 12 insertions, 3 deletions
diff --git a/core/diskstart.inc b/core/diskstart.inc
index c0ba52a0..c0301d4b 100644
--- a/core/diskstart.inc
+++ b/core/diskstart.inc
@@ -31,9 +31,10 @@ PartInfo equ StackBuf
.gpt equ PartInfo+20
FloppyTable equ PartInfo+76
; Total size of PartInfo + FloppyTable == 76+16 = 92 bytes
-Hidden equ StackBuf-20 ; Partition offset
-OrigFDCTabPtr equ StackBuf-12 ; The 2nd high dword on the stack
-OrigESDI equ StackBuf-8 ; The high dword on the stack
+Hidden equ StackBuf-24 ; Partition offset (qword)
+OrigFDCTabPtr equ StackBuf-16 ; Original FDC table
+OrigDSSI equ StackBuf-12 ; DS:SI -> partinfo
+OrigESDI equ StackBuf-8 ; ES:DI -> $PnP structure
DriveNumber equ StackBuf-4 ; Drive number
StackHome equ Hidden ; The start of the canonical stack
@@ -116,6 +117,8 @@ start:
push dx ; Save drive number (in DL)
push es ; Save initial ES:DI -> $PnP pointer
push di
+ push ds ; Save original DS:SI -> partinfo
+ push si
mov es,cx
;
@@ -174,6 +177,12 @@ floppy:
; Note: di points to beyond the end of PartInfo
;
harddisk:
+ mov dx,[di-76-10] ; Original DS
+ mov si,[di-76-12] ; Original SI
+ shr si,4
+ add dx,si
+ cmp dx,PartInfo >> 4
+ jae .no_partition
test byte [di-76],7Fh ; Sanity check: "active flag" should
jnz .no_partition ; be 00 or 80
cmp [di-76+4],cl ; Sanity check: partition type != 0
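Review bot: The carry out of `add dx,si` is discarded, so a saved DS:SI whose paragraph sum exceeds 0FFFFh (a segment near the top of the 64K range with a large offset) wraps to a small value and passes the `cmp dx,PartInfo >> 4` / `jae .no_partition` test as though it were a low address. A one-line guard closes that hole: `jc .no_partition` immediately after `add dx,si`. The reason PartInfo >> 4 is the cut-off currently lives only in the commit message, so a comment on the cmp line would help the next reader, e.g. `; reject DS:SI at/above our own load area (Win7 MBR leaves 0:7E00h)`. Note also that `shr si,4` makes the test paragraph-granular, which is presumably fine since the rest of the sanity checks that follow run on the copy at [di-76]; the `harddisk:` code continues past the end of this hunk.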