Keatah Posted February 13, 2022 (edited)

Can anyone shed some light on this or have the description/text archived? My google-fu is failing me at this moment.

Beautiful Boot by MiniAppler and Apple Bandit - No buffer overflow version -
Michael from the AppleWin Dev team discovered a dormant bug in every Beautiful Boot disk ever created. The problem is detailed in the following usenet post:
https://groups.google.com/forum/#!searchin/comp.sys.apple2/BEAUTIFUL$20BOOT/comp.sys.apple2/yZkAmOXyyxc/47lziHAV4wAJ
I updated the Beautiful Boot disk maker so that this bug is not present anymore. It is also the first Beautiful Boot disk image that just boots into the program directly. I included the original docs in the disk for the sake of completeness. If you want to know more about Beautiful Boot I recommend the awesome analysis made by Deckard that can also be found on asimov ./images/disk_utils/Beautiful_Boot_Source.dsk
cybernesto - January 2016
cybernesto Posted March 25, 2022

Oh hi, I just found your post. I'm the one who created that fixed image. What questions do you exactly have?

Sent from iPhone with Tapatalk
Keatah Posted March 25, 2022

I was wondering how the buffer overflow issue reveals itself, from a user's perspective.
cybernesto Posted March 25, 2022

Michael describes in the post I linked the effect. You would get an additional entry called A with a size of 999. But I really doubt that many users would have seen it because you would probably boot directly with the disk in the drive and would not have anything above the buffer stored yet.

Alas, I have seen that Deckard's excellent page is gone. Fortunately his disassembly is still available in https://web.archive.org/web/20190812061503/http://boutillon.free.fr/Underground/Outils/Beautiful_Boot/Txt/Boot2_Beautiful_Boot.txt

It is strange that there are two separate counters, OBJNUM and BIN_COUNT, where only the first one should be necessary. They should both count up to 14 and stop, but somehow BIN_COUNT was allowed to go up to 15, thus messing things up.
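The bug class described in the thread, as an added example in C: this is not Beautiful Boot's 6502 code or the actual disassembly. It assumes, as a reading of the post above, a 14-slot table of fixed-width entries (a name plus a 16-bit little-endian size), a scan loop that keeps two counters, OBJNUM for the table writes and BIN_COUNT for the menu, and a menu loop that displays BIN_COUNT entries. The stale bytes placed above the table (an entry named A of size 999), the file names and the entry layout are all constructed to reproduce the symptom the post mentions. Memory is a flat byte array so that the read one slot past the table is ordinary C rather than undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of an off-by-one between two counters (added example,
 * not Beautiful Boot's own code). Table layout, names and the stale bytes
 * above the table are assumptions made for the demonstration. */
#define SLOTS     14                  /* the table has room for 14 entries */
#define NAME_LEN  15
#define ENTRY_LEN (NAME_LEN + 2)      /* name + 16-bit little-endian size  */
#define TABLE_END (SLOTS * ENTRY_LEN)
#define MEM_SIZE  (TABLE_END + 64)    /* table plus whatever lies above it */

struct item { char name[NAME_LEN + 1]; unsigned size; };
struct scan_result { int objnum; int bin_count; };
struct outcome { int count; struct item last; };

/* Scan candidate files into the table. OBJNUM is bounded by the table size;
 * BIN_COUNT is bounded by bin_limit, 14 in the fixed build, 15 in the
 * original, so with 15 or more candidates the two counters drift apart. */
static struct scan_result scan_files(uint8_t *mem, const struct item *files,
                                     int nfiles, int bin_limit)
{
    struct scan_result r = {0, 0};
    for (int i = 0; i < nfiles; i++) {
        if (r.bin_count >= bin_limit)          /* the off-by-one lives here */
            break;
        if (r.objnum < SLOTS) {                /* table writes stay in bounds */
            uint8_t *slot = mem + r.objnum * ENTRY_LEN;
            size_t n = strlen(files[i].name);
            if (n > NAME_LEN) n = NAME_LEN;
            memset(slot, 0, ENTRY_LEN);
            memcpy(slot, files[i].name, n);
            slot[NAME_LEN]     = files[i].size & 0xFF;
            slot[NAME_LEN + 1] = (files[i].size >> 8) & 0xFF;
            r.objnum++;
        }
        r.bin_count++;
    }
    return r;
}

/* The menu loop trusts BIN_COUNT as the number of entries. With count == 15
 * it decodes a slot at TABLE_END, i.e. whatever happens to sit above the table. */
static int show_menu(const uint8_t *mem, int count, struct item *out)
{
    for (int i = 0; i < count; i++) {
        const uint8_t *slot = mem + i * ENTRY_LEN;
        memcpy(out[i].name, slot, NAME_LEN);
        out[i].name[NAME_LEN] = '\0';
        out[i].size = slot[NAME_LEN] | (slot[NAME_LEN + 1] << 8);
        printf("%-15s %5u\n", out[i].name, out[i].size);
    }
    return count;
}

/* Run scan + menu over constructed input: 16 candidate files and stale bytes
 * above the table spelling an entry "A" of size 999 (0x03E7 little-endian).
 * Returns the number of entries shown and the last one displayed. */
static struct outcome run(int bin_limit)
{
    uint8_t mem[MEM_SIZE];
    struct item files[16], shown[16];
    struct outcome o;

    memset(mem, 0, sizeof mem);
    mem[TABLE_END]                = 'A';            /* constructed leftover */
    mem[TABLE_END + NAME_LEN]     = 999 & 0xFF;     /* 0xE7 */
    mem[TABLE_END + NAME_LEN + 1] = 999 >> 8;       /* 0x03 */

    for (int i = 0; i < 16; i++) {
        snprintf(files[i].name, sizeof files[i].name, "GAME%02d", i + 1);
        files[i].size = 100 + i;
    }

    struct scan_result r = scan_files(mem, files, 16, bin_limit);
    o.count = show_menu(mem, r.bin_count, shown);
    o.last = shown[o.count - 1];
    return o;
}

int main(void)
{
    puts("original (BIN_COUNT may reach 15):");
    run(15);
    puts("fixed (BIN_COUNT stops at 14):");
    run(14);
    return 0;
}
```

The check a practitioner wants here is the one the fix applies: a single counter that bounds both the writes and the later reads. When two counters guard the same buffer, the one that is not compared against the real table size is the one to audit.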