extremely threadbare null-pointer protection

This protects us from reading null arrays, but not null structs. It also doesn't protect us from writes to address 0 itself. It is also incredibly unsafe. According to https://wiki.osdev.org/Memory_Map_(x86), address 0 contains the real-mode IVT. Am I sure it'll never ever get used after I switch to protected mode? I really need a page table, something minimal to protect the first 4KB of physical memory or something. I wonder what other languages/OSs do to protect against really large struct definitions.
2021-04-28 22:22:55 -07:00 · 2021-04-28 22:22:55 -07:00 · 4541bfa59b
parent dcb6a21a91
commit 4541bfa59b
1 changed files with 6 additions and 0 deletions
--- a/mu-init.subx
+++ b/mu-init.subx
@ -12,6 +12,12 @@
 Entry:
  # initialize stack
  bd/copy-to-ebp 0/imm32
+  # Clear memory location 0 to ensure that uninitialized arrays run afoul of
+  # the bounds checker.
+  # TODO: This is utterly bonkers, and does not actually protect us against
+  # all null pointer reads/writes. Create a real page table sometime.
+  b8/copy-to-eax 0/imm32
+  c7 0/subop/copy *eax 0/imm32
 #?   (main 0 0 Primary-bus-secondary-drive)
  # always first run tests
  (run-tests)