From dcb9c2c08fe33d0d04511ec6f46bf1d1c5980236 Mon Sep 17 00:00:00 2001
From: John Hodge <tpg@ucc.asn.au>
Date: Sat, 21 Dec 2013 17:37:17 +0800
Subject: [PATCH] Kernel - Fixed crash in vfs from assuming allocated memory is
 zero

- Also some code cleanup (no behavior change)
---
 KernelLand/Kernel/binary.c     | 19 ++++++++-----------
 KernelLand/Kernel/semaphore.c  |  5 +++++
 KernelLand/Kernel/system.c     |  5 ++++-
 KernelLand/Kernel/vfs/handle.c |  5 ++++-
 4 files changed, 21 insertions(+), 13 deletions(-)

diff --git a/KernelLand/Kernel/binary.c b/KernelLand/Kernel/binary.c
index 46f93232..3dab6a92 100644
--- a/KernelLand/Kernel/binary.c
+++ b/KernelLand/Kernel/binary.c
@@ -31,7 +31,7 @@ extern tKernelSymbol	gKernelSymbolsEnd[];
 extern tBinaryType	gELF_Info;
 
 // === PROTOTYPES ===
- int	Binary_int_CacheArgs(const char **Path, const char ***ArgV, const char ***EnvP, void *DestBuffer);
+size_t	Binary_int_CacheArgs(const char **Path, const char ***ArgV, const char ***EnvP, void *DestBuffer);
  int	Proc_int_Execve(const char *File, const char **ArgV, const char **EnvP, int DataSize, bool bClearUser);
 tVAddr	Binary_Load(const char *Path, tVAddr *EntryPoint);
 tBinary	*Binary_GetInfo(tMount MountID, tInode InodeID);
@@ -95,9 +95,10 @@ int Proc_Spawn(const char *Path)
 /**
  * \todo Document
  */
-int Binary_int_CacheArgs(const char **Path, const char ***ArgV, const char ***EnvP, void *DestBuffer)
+size_t Binary_int_CacheArgs(const char **Path, const char ***ArgV, const char ***EnvP, void *DestBuffer)
 {
-	 int	size, argc=0, envc=0;
+	size_t	size;
+	 int	argc=0, envc=0;
 	 int	i;
 	char	*strbuf;
 	const char	**arrays;
@@ -172,21 +173,17 @@ int Binary_int_CacheArgs(const char **Path, const char ***ArgV, const char ***En
  */
 int Proc_SysSpawn(const char *Binary, const char **ArgV, const char **EnvP, int nFD, int *FDs)
 {
-	void	*handles;
-	void	*cachebuf;
-	 int	size;
-	tPID	ret;
 	
 	// --- Save File, ArgV and EnvP
-	size = Binary_int_CacheArgs( &Binary, &ArgV, &EnvP, NULL );
-	cachebuf = malloc( size );
+	size_t size = Binary_int_CacheArgs( &Binary, &ArgV, &EnvP, NULL );
+	void *cachebuf = malloc( size );
 	Binary_int_CacheArgs( &Binary, &ArgV, &EnvP, cachebuf );
 
 	// Cache the VFS handles	
-	handles = VFS_SaveHandles(nFD, FDs);
+	void *handles = VFS_SaveHandles(nFD, FDs);
 
 	// Create new process	
-	ret = Proc_Clone(CLONE_VM|CLONE_NOUSER);
+	tPID ret = Proc_Clone(CLONE_VM|CLONE_NOUSER);
 	if( ret == 0 )
 	{
 		VFS_RestoreHandles(nFD, handles);
diff --git a/KernelLand/Kernel/semaphore.c b/KernelLand/Kernel/semaphore.c
index 0b70df5e..d4ec7313 100644
--- a/KernelLand/Kernel/semaphore.c
+++ b/KernelLand/Kernel/semaphore.c
@@ -5,6 +5,7 @@
  * semaphore.c
  * - Semaphores
  */
+#define DEBUG	0
 #include <acess.h>
 #include <semaphore.h>
 #include <threads_int.h>
@@ -17,6 +18,7 @@
 //
 void Semaphore_Init(tSemaphore *Sem, int Value, int MaxValue, const char *Module, const char *Name)
 {
+	LOG("Init %p to %i/%i (%s:%s)", Sem, Value, MaxValue, Module, Name);
 	memset(Sem, 0, sizeof(tSemaphore));
 	Sem->Value = Value;
 	Sem->ModName = Module;
@@ -34,8 +36,11 @@ int Semaphore_Wait(tSemaphore *Sem, int MaxToTake)
 			MaxToTake, Sem, Sem->Name);
 		MaxToTake = 0;
 	}
+	LOG("Waiting on %p for %i (%i/%i used atm) - (%s:%s)",
+		Sem, MaxToTake, Sem->Value, Sem->MaxValue, Sem->ModName, Sem->Name);
 	
 	SHORTLOCK( &Sem->Protector );
+	LOG("Protector grabbed");
 	
 	// Check if there's already items avaliable
 	if( Sem->Value > 0 )
diff --git a/KernelLand/Kernel/system.c b/KernelLand/Kernel/system.c
index e09d469f..0c701c33 100644
--- a/KernelLand/Kernel/system.c
+++ b/KernelLand/Kernel/system.c
@@ -78,7 +78,10 @@ void System_ParseCommandLine(char *ArgString)
 		// Eat Whitespace
 		while(*str == ' ')	str++;
 		// Check for the end of the string
-		if(*str == '\0') {	argc--;	break;}	
+		if(*str == '\0') {
+			argc--;
+			break;
+		}
 		argv[argc] = str;
 		if(*str == '"') {
 			while(*str && !(*str == '"' && str[-1] != '\\'))
diff --git a/KernelLand/Kernel/vfs/handle.c b/KernelLand/Kernel/vfs/handle.c
index db79933c..cd4997d8 100644
--- a/KernelLand/Kernel/vfs/handle.c
+++ b/KernelLand/Kernel/vfs/handle.c
@@ -248,10 +248,13 @@ void VFS_RestoreHandles(int NumFDs, void *Handles)
 		
 		if( !MM_GetPhysAddr(h) )
 		{
-			if( !MM_Allocate( (tVAddr)h & ~(PAGE_SIZE-1) ) ) 
+			void	*pg = (void*)( (tVAddr)h & ~(PAGE_SIZE-1) );
+			if( !MM_Allocate( (tVAddr)pg ) ) 
 			{
 				// OOM?
+				return ;
 			}
+			memset(pg, 0, PAGE_SIZE);
 		}
 		// Safe to dereference, as Threads_CloneTCB references handles
 		#if 1
-- 
2.20.1