[v1] vbe: Add VBE 2.0+ OemData field to struct vbe_info

[SeaBIOS] [PATCH] vbe: Add VBE 2.0+ OemData field to struct vbe_info

Daniel Verkamp posted 1 patch 1 month, 3 weeks ago

Diff against v2
Download mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/seabios tags/patchew/20240306102728.2062789-1-daniel@drv.nu

There is a newer version of this series

src/std/vbe.h | 2 ++
1 file changed, 2 insertions(+)

Expand all Fold all

[SeaBIOS] [PATCH] vbe: Add VBE 2.0+ OemData field to struct vbe_info

Posted by Daniel Verkamp 1 month, 3 weeks ago

Per the VBE 2.0 specification, the VBE controller information is 512
bytes long when the "VBE2" signature is provided, instead of the
original 256 bytes.

src/bootsplash.c uses the original pre-VBE-2.0 256-byte structure while
also filling in the "VBE2" signature, so a video BIOS that makes use of
the VBE2 OemData area could write past the end of the allocated region.

The original bootsplash code did not have this bug; it was introduced
when the bootsplash VBE structures were merged with the VGA ROM struct
definitions.

Fixes: 69e941c159ed ("Merge bootsplash and VGA ROM vbe structure definitions")
Signed-off-by: Daniel Verkamp <daniel@drv.nu>
---
 src/std/vbe.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/std/vbe.h b/src/std/vbe.h
index 94b4ad86..fe96f5ec 100644
--- a/src/std/vbe.h
+++ b/src/std/vbe.h
@@ -18,6 +18,8 @@ struct vbe_info {
     struct segoff_s oem_product_string;
     struct segoff_s oem_revision_string;
     u8 reserved[222];
+    /* VBE 2.0 */
+    u8 oem_data[256];
 } PACKED;
 
 struct vbe_mode_info {
-- 
2.43.0

_______________________________________________
SeaBIOS mailing list -- seabios@seabios.org
To unsubscribe send an email to seabios-leave@seabios.org