netbsd-bugs: port-mac/1514: Bad stop condition in mac68k/pramasm.s:readPram() and writePram()

Subject: port-mac/1514: Bad stop condition in mac68k/pramasm.s:readPram() and writePram()
To: None <gnats-bugs@NetBSD.ORG>
From: Walter Ruetten <walter@ghpc8.ihf.rwth-aachen.de>
List: netbsd-bugs
Date: 09/26/1995 09:48:13

>Number:         1514
>Category:       port-mac
>Synopsis:       Bad stop condition in mac68k/pramasm.s:readPram() and writePram()
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Sep 26 05:20:01 1995
>Last-Modified:
>Originator:     Walter Ruetten
>Organization:

>Release:        1.0
>Environment:
NetBSD/mac68k, all machines
System: NetBSD islington.ihf.rwth-aachen.de 1.0A NetBSD 1.0A (ISLINGTON) #130: Mon Sep 25 13:27:42 MET 1995 walter@islington.ihf.rwth-aachen.de:/usr/src/sys/arch/mac68k.vi/compile/ISLINGTON mac68k


>Description:
In pramasm.s:readPram() and pramasm.s:writePram(), the transfer of data
from  addr  to the internal buffer (SysParam) and vice versa terminates
immediately. No data is transfered.
>How-To-Repeat:
>Fix:
Changed branches.
Added range check in writePram to avoid writeing beyond the end of SysParam.

*** /sys/arch/mac68k/mac68k/pramasm.s	Tue Sep 19 09:03:48 1995
--- pramasm.s	Mon Sep 25 20:31:21 1995
***************
*** 61,69 ****
  	lea	_SysParam,a1	|  start of PRam data
  	movel	a6@(8),a0	|  get our data address
  _readPramAgain:
! 	dbf	d0,_readPramDone |  see if we are through
  	moveb	a1@(d1),a0@+	|  transfer byte
! 	addql	 #1,a1		|  next byte
  	jmp	_readPramAgain	|  do it again 
  _readPramDone:
  	clrw	d0
--- 61,70 ----
  	lea	_SysParam,a1	|  start of PRam data
  	movel	a6@(8),a0	|  get our data address
  _readPramAgain:
! 	subql	#1,d0
! 	bcs	_readPramDone	|  see if we are through
  	moveb	a1@(d1),a0@+	|  transfer byte
! 	addql	#1,d1		|  next byte
  	jmp	_readPramAgain	|  do it again 
  _readPramDone:
  	clrw	d0
***************
*** 84,92 ****
  	lea	_SysParam,a1	|  start of PRam data
  	movel	a6@(8),a0	|  get our data address
  _writePramAgain:
! 	dbf	d0,_writePramDone |  see if we are through
  	moveb	a0@+,a1@(d1)	|  transfer byte
! 	addql	 #1,a1		|  next byte
  	jmp	_writePramAgain |  do it again 
  _writePramDone:
  	.word	0xa038		|  writeParam
--- 85,96 ----
  	lea	_SysParam,a1	|  start of PRam data
  	movel	a6@(8),a0	|  get our data address
  _writePramAgain:
! 	subql	#1,d0
! 	bcs	_writePramDone	|  see if we are through
! 	cmpil	#0x14,d1	|  check for end of _SysParam
! 	bcc	_writePramDone	|  do not write if beyond end
  	moveb	a0@+,a1@(d1)	|  transfer byte
! 	addql	#1,d1		|  next byte
  	jmp	_writePramAgain |  do it again 
  _writePramDone:
  	.word	0xa038		|  writeParam
>Audit-Trail:
>Unformatted: