From 35dbae15a0f4ad8467b49c914398a55a52067d2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andrius=20=C5=A0tikonas?=
Date: Sun, 28 Aug 2022 23:06:47 +0100
Subject: [PATCH] Further fixes to hex2 command line parsing.
Do not hang if not arguments is specified or input file does not exist.
---
 amd64/Development/hex2.M1 | 12 +++++++++---
 amd64/Development/hex2.S | 12 +++++++++---
 amd64/hex2.hex1 | 16 +++++++++++-----
 3 files changed, 29 insertions(+), 11 deletions(-)
diff --git a/amd64/Development/hex2.M1 b/amd64/Development/hex2.M1
index a3eb89e..4e0e38c 100644
--- a/amd64/Development/hex2.M1
+++ b/amd64/Development/hex2.M1
@@ -176,15 +176,20 @@ DEFINE xor_r9,r9 4D31C9
 :loop_options_done
 # Open file for reading
- lea_rdx,[rip+DWORD] %fin # arg2 = &fin
 pop_r8 # arg3 = in
+ push !1 # Set exit code in case of failure
+ cmp_r8, !0 # If NULL
+ je %failed_input # then exit
+ lea_rdx,[rip+DWORD] %fin # arg2 = &fin
 push !1 # arg5 = EFI_FILE_READ_ONLY
 push !1 # prepare to set arg4 to EFI_FILE_MODE_READ
 pop_r9 # arg4 = EFI_FILE_MODE_READ
 mov_rcx,[rip+DWORD] %rootdir # arg1 = rootdir
 sub_rsp, !32 # allocate shadow stack space for UEFI function
 call_[rcx+BYTE] !8 # rootdir->open()
- add_rsp, !40 # deallocate stack
+ cmp_rax, !0 # If failed to open
+ jne %failed_input # then exit
+ add_rsp, !48 # deallocate stack
 # Open file for writing
 pop_r8 # arg3 = out
@@ -199,7 +204,7 @@ DEFINE xor_r9,r9 4D31C9
 mov_rcx,[rip+DWORD] %rootdir # arg1 = rootdir
 sub_rsp, !32 # allocate shadow stack space for UEFI function
 call_[rcx+BYTE] !8 # rootdir->open()
- add_rsp, !40 # deallocate stack
+ add_rsp, !48 # deallocate stack
 # Allocate ourselves 16 MiB of memory
 mov_rdx, %0x1000000 # allocate 16 MiB of memory
@@ -701,6 +706,7 @@ DEFINE xor_r9,r9 4D31C9
 mov_rcx,[rip+DWORD] %fin # get fin
 call %close_file # close fin
+:failed_input
 mov_rcx,[rip+DWORD] %rootdir # get rootdir
 call %close_file # close rootdir
diff --git a/amd64/Development/hex2.S b/amd64/Development/hex2.S
index a114a1a..50f9010 100644
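Review bot: The `jne %failed_input` that follows `call_[rcx+BYTE] !8` in the first hunk branches with the 32-byte shadow space and the arg5 push still on the stack, so :failed_input sees rsp 40 bytes lower than it does on the `je %failed_input` NULL path, and the exit code pushed by `push !1` sits at [rsp+40] instead of on top; if the label's tail (outside this hunk) pops that exit code and returns, the open-failure path returns through a stale shadow-space slot. Release the call frame before the status test, since `add` clobbers the flags the branch needs: `add_rsp, !40 # deallocate shadow space + arg5`, then the existing `cmp_rax, !0` / `jne %failed_input`, and shrink the success cleanup to `add_rsp, !8 # drop exit-code slot`. The extra push also moves rsp by 8 at the rootdir->open() call relative to the old sequence; UEFI services follow the Microsoft x64 ABI, which expects rsp 16-byte aligned at each call, so the entry-stack setup before this hunk should be rechecked against the new push count. Any change here has to be mirrored in hex2.S and re-encoded in hex2.hex1, whose section size this commit already bumps.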
--- a/amd64/Development/hex2.S
+++ b/amd64/Development/hex2.S
@@ -67,15 +67,20 @@ loop_options:
 loop_options_done:
 # Open file for reading
- lea rdx, [rip+fin] # arg2 = &fin
 pop r8 # arg3 = in
+ push 1 # Set exit code in case of failure
+ cmp r8, 0 # If NULL
+ je failed_input # then exit
+ lea rdx, [rip+fin] # arg2 = &fin
 push 1 # arg5 = EFI_FILE_READ_ONLY
 push 1 # prepare to set arg4 to EFI_FILE_MODE_READ
 pop r9 # arg4 = EFI_FILE_MODE_READ
 mov rcx, [rip+rootdir] # arg1 = rootdir
 sub rsp, 32 # allocate shadow stack space for UEFI function
 call [rcx+8] # rootdir->open()
- add rsp, 40 # deallocate stack
+ cmp rax, 0 # If failed to open
+ jne failed_input # then exit
+ add rsp, 48 # deallocate stack
 # Open file for writing
 pop r8 # arg3 = out
@@ -90,7 +95,7 @@ loop_options_done:
 mov rcx, [rip+rootdir] # arg1 = rootdir
 sub rsp, 32 # allocate shadow stack space for UEFI function
 call [rcx+8] # rootdir->open()
- add rsp, 40 # deallocate stack
+ add rsp, 48 # deallocate stack
 # Allocate ourselves 16 MiB of memory
 mov rdx, 0x1000000 # allocate 16 MiB of memory
@@ -592,6 +597,7 @@ failed_output:
 mov rcx, [rip+fin] # get fin
 call close_file # close fin
+failed_input:
 mov rcx, [rip+rootdir] # get rootdir
 call close_file # close rootdir
diff --git a/amd64/hex2.hex1 b/amd64/hex2.hex1
index 48c1efd..e135a50 100644
--- a/amd64/hex2.hex1
+++ b/amd64/hex2.hex1
@@ -132,9 +132,9 @@ F0 00 # SizeOfOptionalHeader
 # [0x148]
 # Start of section headers
 00 00 00 00 00 00 00 00 ; Name of the section (empty) but could set to ".text"
-C7 06 00 00 ; VirtualSize
+DD 06 00 00 ; VirtualSize
 00 10 00 00 ; VirtualAddress
-C7 06 00 00 ; SizeOfRawData
+DD 06 00 00 ; SizeOfRawData
 70 01 00 00 ; PointerToRawData
 00 00 00 00 ; PointerToRelocations
 00 00 00 00 ; PointerToLinenumbers
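Review bot: In the second hunk the cleanup becomes `add rsp, 48` although the call sequence visible there (`sub rsp, 32` plus, by analogy with the read-open case, one arg5 push) accounts for only 40 bytes; the extra 8 must be an exit-code push that sits between `pop r8 # arg3 = out` and this hunk, which a reader of the diff cannot verify. Make the accounting explicit in the comment on both cleanups, e.g. `add rsp, 48 # deallocate shadow space (32) + arg5 (8) + exit-code slot (8)`, so the next person who adds or removes a push knows which constant to change. Note also that the first hunk's `jne failed_input` after `call [rcx+8]` jumps before the cleanup runs, leaving 40 bytes on the stack on the open-failure path but none on the NULL path (`je failed_input`); the epilogue at failed_input, which lies outside the hunk, cannot pop the exit code correctly in both cases, so deallocate the call frame with `add rsp, 40` before `cmp rax, 0` and keep only `add rsp, 8` after the branch.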
@@ -195,15 +195,20 @@ C7 06 00 00 ; SizeOfRawData
 :b #:loop_options_done
 # Open file for reading
- 488D15 %0 ; lea_rdx,[rip+DWORD] %fin # arg2 = &fin
 4158 ; pop_r8 # arg3 = in
+ 6A 01 ; push !1 # Set exit code in case of failure
+ 4983F8 00 ; cmp_r8, !0 # If NULL
+ 0F84 %8 ; je %failed_input # then exit
+ 488D15 %0 ; lea_rdx,[rip+DWORD] %fin # arg2 = &fin
 6A 01 ; push !1 # arg5 = EFI_FILE_READ_ONLY
 6A 01 ; push !1 # prepare to set arg4 to EFI_FILE_MODE_READ
 4159 ; pop_r9 # arg4 = EFI_FILE_MODE_READ
 488B0D %3 ; mov_rcx,[rip+DWORD] %rootdir # arg1 = rootdir
 4883EC 20 ; sub_rsp, !32 # allocate shadow stack space for UEFI function
 FF51 08 ; call_[rcx+BYTE] !8 # rootdir->open()
- 4883C4 28 ; add_rsp, !40 # deallocate stack
+ 4883F8 00 ; cmp_rax, !0 # If failed to open
+ 0F85 %8 ; jne %failed_input # then exit
+ 4883C4 30 ; add_rsp, !48 # deallocate stack
 # Open file for writing
 4158 ; pop_r8 # arg3 = out
@@ -218,7 +223,7 @@ C7 06 00 00 ; SizeOfRawData
 488B0D %3 ; mov_rcx,[rip+DWORD] %rootdir # arg1 = rootdir
 4883EC 20 ; sub_rsp, !32 # allocate shadow stack space for UEFI function
 FF51 08 ; call_[rcx+BYTE] !8 # rootdir->open()
- 4883C4 28 ; add_rsp, !40 # deallocate stack
+ 4883C4 30 ; add_rsp, !48 # deallocate stack
 # Allocate ourselves 16 MiB of memory
 48C7C2 00000001 ; mov_rdx, %0x1000000 # allocate 16 MiB of memory
@@ -720,6 +725,7 @@ C7 06 00 00 ; SizeOfRawData
 488B0D %0 ; mov_rcx,[rip+DWORD] %fin # get fin
 E8 %U ; call %close_file # close fin
+:8 # :failed_input
 488B0D %3 ; mov_rcx,[rip+DWORD] %rootdir # get rootdir
 E8 %U ; call %close_file # close rootdir
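Review bot: The new `0F85 %8 ; jne %failed_input` reaches label :8 before `4883C4 30` has run, so on that path rsp is 40 bytes lower than when `0F84 %8` takes the NULL path, and the exit-code byte pushed by the first `6A 01` in this hunk is at [rsp+40] rather than on top of the stack; whatever epilogue follows `:8 # :failed_input` in the last hunk (its remaining lines are outside the diff) cannot serve both paths with the same pop. A uniform fix is to deallocate before testing the status — `4883C4 28 ; add_rsp, !40` ahead of `4883F8 00 ; cmp_rax, !0` — and replace `4883C4 30` with `4883C4 08 ; add_rsp, !8` for the exit-code slot; that adds four bytes, which then have to be added to the VirtualSize/SizeOfRawData fields changed at line 132 (this commit's 0x6C7→0x6DD bump equals exactly the 22 bytes of encodings added here, so the sizes are currently consistent). Since hex1 labels are a single character shared across the whole file, keep the `# :failed_input` comment on `:8` as the only link to the name used in hex2.M1/hex2.S.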