From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B7D28158020 for ; Mon, 5 Dec 2022 05:36:26 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 063E8E0798; Mon, 5 Dec 2022 05:36:26 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E0709E0798 for ; Mon, 5 Dec 2022 05:36:25 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 23C19340CC5 for ; Mon, 5 Dec 2022 05:36:25 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 7801A76C for ; Mon, 5 Dec 2022 05:36:23 +0000 (UTC) From: "Robin H. Johnson" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Robin H. Johnson" Message-ID: <1670218581.19b45d085c9fe12820eaa5d89eb9469a8d8b3bb3.robbat2@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-boot/mbr-gpt/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-boot/mbr-gpt/mbr-gpt-0.0.1-r1.ebuild sys-boot/mbr-gpt/mbr-gpt-0.0.1-r2.ebuild X-VCS-Directories: sys-boot/mbr-gpt/ X-VCS-Committer: robbat2 X-VCS-Committer-Name: Robin H. Johnson X-VCS-Revision: 19b45d085c9fe12820eaa5d89eb9469a8d8b3bb3 X-VCS-Branch: master Date: Mon, 5 Dec 2022 05:36:23 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 714b41b0-eccd-4327-8a9c-f379d97b6a66 X-Archives-Hash: af7e62c2690a482fc68fe1e23d2e736b commit: 19b45d085c9fe12820eaa5d89eb9469a8d8b3bb3 Author: Robin H. Johnson gentoo org> AuthorDate: Mon Dec 5 05:35:34 2022 +0000 Commit: Robin H. Johnson gentoo org> CommitDate: Mon Dec 5 05:36:21 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=19b45d08 sys-boot/mbr-gpt: add safety check If the compiler/linker/objdump options make the mbr too large, bail out, so nobody accidently wipes out the start of their drives with a large MBR. Signed-off-by: Robin H. Johnson gentoo.org> sys-boot/mbr-gpt/mbr-gpt-0.0.1-r1.ebuild | 5 +++++ sys-boot/mbr-gpt/mbr-gpt-0.0.1-r2.ebuild | 7 ++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r1.ebuild b/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r1.ebuild index 3073a1e1cfed..1b062d5e5648 100644 --- a/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r1.ebuild +++ b/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r1.ebuild @@ -44,6 +44,11 @@ src_prepare() { src_compile() { emake CC="$(tc-getCC)" + # validate the size, it MUST fit into an MBR (440 bytes!) + size=$(stat --printf='%s' mbr) + if test $size -gt 440; then + die "Compiled MBR is too large! Must be at most 440 bytes, was $size" + fi } src_install() { diff --git a/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r2.ebuild b/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r2.ebuild index df636e06b770..9359c8200a24 100644 --- a/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r2.ebuild +++ b/sys-boot/mbr-gpt/mbr-gpt-0.0.1-r2.ebuild @@ -27,7 +27,7 @@ QA_PRESTRIPPED="${QA_WX_LOAD}" QA_FLAGS_IGNORED="${QA_WX_LOAD}" # Don't strip it either; this binary reboots your host! -RESTRICT="binchecks strip" +RESTRICT="strip" src_prepare() { default @@ -46,6 +46,11 @@ src_prepare() { src_compile() { emake CC="$(tc-getCC)" + # validate the size, it MUST fit into an MBR (440 bytes!) + size=$(stat --printf='%s' mbr) + if test $size -gt 440; then + die "Compiled MBR is too large! Must be at most 440 bytes, was $size" + fi } src_install() {