| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
strnlen is not available on some older systems,
so now we provide our own portable version.
this version also aborts on NULL input, unlike
the standard function.
this version also does not permit empty strings.
this version also does not permit unterminated
strings.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
arc4random is superior, so using /dev/urandom
would be a mistake. we only use that on linux,
or old/weird unix.
we would also use it on linux, but GNU prohibits
nice things (its implementations are spotty, and
old glibc doesn't have it - before 2022 there is
libbsd, but i'm not importing that).
not that it matters. we're not doing encryption.
i'm just a stickler for technical correctness.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
use the macro, introduced in the previous commit
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
to make it clearer what this variable does
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this is a guard against mistakes by future maintainers
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
make cmd a size_t and make the equivalent to NULL
be the number of items in command[]
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
don't set args here
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
instead of simply checking null, just do a bound check.
this would also cover NULL (-1)
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
There, we use arc4random_buf which does not directly
access /dev/urandom on BSD; it uses a userspace method
instead, which bypasses this.
This is therefore much more restrictive, which is
exactly the point of unveil(2) and pledge(2); restrict
your program's operation while ensuring that it has what
it needs, to help with debugging and prevent common bugs.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
the current name is misleading. this function
specifically converts what's stored in memory,
in the nvm.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
otherwise, it's a pointless computation
i also added a guard to mitigate this, in the
read file function. this should have been there
anyway.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
that way, it makes more sense sementantically
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
accidentally specified invert, for the brick
and setchecksum commands. oops!
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
if the enum is messed up, this patch also prevents
that. this is not to catch a runtime error, but
to intentionally trip up a maintainer that screws
up, prompting them to fix their future mistake.
we previously used a pointer directly, without
even checking index/NULL - that too is now covered,
except that we now use an indice for command[] and
execute the command from that, rather than directly
declaring a pointer.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
a package manager by the name "nvm" exists, as
i discovered.
this is a courtesy to them.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this way, if a user does e.g.
./nvm gbe.bin bullshit
It will say: bullshit
Right now, it just says invalid length. This
means if the user wanted to type e.g.
./nvm gbe.bin copy 0
but they typed:
./nvm gbe.bin coyp 0
Now it will tell them that it's trying
to set the MAC address "coyp".
This is because if an invalid command is given,
it's treated as a MAC address instead. This is
by design, to allow e.g.
./nvm gbe.bin xx:1x:1x:xx:xx:xx
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
handle inversion directly there
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
point directly to the command table.
run through an intermediary function to check
bounds, for safety.
this will allow me to then set things like
the invert config directly in that struct.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we need only declare it in the centralised gbe_file_offset
function, which determines whether a write to the gbe file
falls specifically within the 4KB range that is the gbe
part.
it is always half of the gbe file size, and then the first
4KB of each half stores the gbe part.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
these variables newrandom and oldrandom are unused on
BSD systems, and their unused status may trigger
warnings on some compilers.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
use uint16_t instead
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
yeah, do the verification manually, don't convert
to size_t. this avoids a bunch of theoretical
bugs that i can't be bothered to explain at 3AM
just trust me bro
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
preventative fix for later, if the tool is ever expanded
to have a better command syntax, for supporting more than
one file at a time.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
send the mac address byte directly to check_mac_separator
functionally identicaly, but cleaner, and uses
multiplication instead of division (faster).
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
no need for strlen here (1-character string).
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
