From: chaoskagami
Date: Wed, 28 Sep 2016 16:41:29 +0000 (-0400)
Subject: Improve some documentation based on in-progress RE, zero-fill new program break ...
X-Git-Tag: v0.3.1~83
X-Git-Url: https://chaos.moe/g/?a=commitdiff_plain;h=330cd376ccc71c89b0568ab3741ce56e2fa667f2;p=corbenik%2Fcorbenik.git

Improve some documentation based on in-progress RE, zero-fill new program break (remind me not to rely on this)
---
diff --git a/patch/prot.pco b/patch/prot.pco
index c84e157..4a45f40 100644
--- a/patch/prot.pco
+++ b/patch/prot.pco
@@ -5,7 +5,30 @@
 # $uuid 08
 # $flags require
-# Status: Untested, but theoretically fine (Next system update I'll either brick or I won't.)
+# Status: Working
+
+#
+# The firmprot patch works by nop'ing out a call in Process9 which normally
+# is called post-update of the FIRM. Normally it is responsible for writing exe://.firm
+# to the NAND.
+#
+# We first search for the 'exe:' string because this is a reliable constant located at the end
+# of the stated function and is consistent through firmware versions. The full string is (null-terminated):
+#
+# "exe:/%016llx/.firm"
+#
+# Afterwards, we seek back 0x100 - which is close enough to the beginning of the function.
+# Then we search for the following thumb mode code:
+#
+# cmp r0, #0
+# bge loc_8043f82 ; relative jump
+#
+# This is then replaced with the following assembly to stub out the NAND writing routine
+# and prevent it from ever being called:
+#
+# movs r0, #0
+# nop
+#
 rel section2 # String: 'exe:'
diff --git a/source/std/allocator.c b/source/std/allocator.c
index 4b21ed9..6ce278c 100644
--- a/source/std/allocator.c
+++ b/source/std/allocator.c
@@ -8,18 +8,21 @@ static uint32_t *heap_end = NULL;
 extern uint32_t __end__; /* Defined by the linker */
 void* sbrk(size_t incr)
 {
- uint32_t *prev_heap_end;
+ uint32_t *prev_heap_end;
 
- if (heap_end == NULL) {
- heap_end = &__end__;
- }
+ if (heap_end == NULL) {
+ heap_end = &__end__;
+ }
+
+ // FIXME - Make sure heap isn't leaking into stack here. That would be bad.
+
+ prev_heap_end = heap_end;
 
- // FIXME - Make sure heap isn't leaking into stack here. That would be bad.
+ heap_end += incr;
 
- prev_heap_end = heap_end;
+ memset(prev_heap_end, 0, heap_end - prev_heap_end); // Clear heap.
 
- heap_end += incr;
- return (void*) prev_heap_end;
+ return (void*) prev_heap_end;
 }
 
 // This is an incredibly crappy and inefficient implementation of malloc/free nicked from stackoverflow.
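Review bot: The new `memset` and the `heap_end += incr` just above it disagree on units: `heap_end` is a `uint32_t *`, so `heap_end += incr` moves the break by `incr * sizeof(uint32_t)` bytes, while `heap_end - prev_heap_end` is an element count equal to `incr`, so only a quarter of the newly reserved region is actually zeroed. The clear should be expressed in bytes, `memset(prev_heap_end, 0, (char *)heap_end - (char *)prev_heap_end); // Clear heap.`, and if callers pass byte counts as sbrk's contract implies, the increment itself should become `heap_end = (uint32_t *)((char *)heap_end + incr);` so the region handed out matches what was requested. The FIXME above still stands: nothing bounds `incr` against the stack, and with the zero-fill a collision now overwrites whatever lives there instead of merely handing out overlapping memory, so a limit check that returns the conventional `(void *)-1` before the `memset` is worth adding. `memset` also needs `<string.h>`, which is outside this hunk and may or may not already be included.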