From fcd741c15e8d2bc8c7d0362a8f23ed97ec094c33 Mon Sep 17 00:00:00 2001
From: Peter Veenstra <qbix79@users.sourceforge.net>
Date: Mon, 11 Apr 2005 17:56:27 +0000
Subject: [PATCH] added range checks to accessing the drive structure. Cleaned
 it up as well. (Indeed I read it).

Imported-from: https://svn.code.sf.net/p/dosbox/code-0/dosbox/trunk@2174
---
 src/dos/dos_ioctl.cpp | 55 ++++++++++++++++---------------------------
 1 file changed, 20 insertions(+), 35 deletions(-)

diff --git a/src/dos/dos_ioctl.cpp b/src/dos/dos_ioctl.cpp
index 4b150c33..3aa23026 100644
--- a/src/dos/dos_ioctl.cpp
+++ b/src/dos/dos_ioctl.cpp
@@ -16,7 +16,7 @@
  *  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  */
 
-/* $Id: dos_ioctl.cpp,v 1.23 2005-03-25 08:39:05 qbix79 Exp $ */
+/* $Id: dos_ioctl.cpp,v 1.24 2005-04-11 17:56:27 qbix79 Exp $ */
 
 #include <string.h>
 #include "dosbox.h"
@@ -26,7 +26,7 @@
 #include "dos_inc.h"
 
 bool DOS_IOCTL(void) {
-	Bitu handle;Bit8u drive;
+	Bitu handle=0;Bit8u drive=0;
 	if (reg_al<8) {				/* call 0-7 use a file handle */
 		handle=RealHandle(reg_bx);
 		if (handle>=DOS_FILES) {
@@ -37,6 +37,12 @@ bool DOS_IOCTL(void) {
 			DOS_SetError(DOSERR_INVALID_HANDLE);
 			return false;
 		}
+	} else  { 				/* the others use a diskdrive */
+		drive=reg_bl;if (!drive) drive=dos.current_drive;else drive--;
+		if( !(( drive < DOS_DRIVES ) && Drives[drive]) ) {
+			DOS_SetError(DOSERR_INVALID_DRIVE);
+			return false;
+		}
 	}
 	switch(reg_al) {
 	case 0x00:		/* Get Device Information */
@@ -66,34 +72,20 @@ bool DOS_IOCTL(void) {
 		reg_al=0xff;
 		return true;
 	case 0x08:		/* Check if block device removable */
-		drive=reg_bl;if (!drive) drive=dos.current_drive;else drive--;
-		if (Drives[drive]) {
-			/* Drive a,b are removable if mounted *
-			 * So are cdrom drives                */
-			if (drive < 2  || Drives[drive]->isRemovable())
-				reg_ax=0;	
-			else 	reg_ax=1;
-			return true;
-		} else {
-			DOS_SetError(DOSERR_INVALID_DRIVE);
-			return false;
-		}
+		/* cdrom drives and drive a&b are removable */
+		if (drive < 2  || Drives[drive]->isRemovable())
+			reg_ax=0;
+		else 	reg_ax=1;
+		return true;
 	case 0x09:		/* Check if block device remote */
-		drive=reg_bl;if (!drive) drive=dos.current_drive;else drive--;
-		if (Drives[drive]) {
-			reg_dx=0;
-			if (Drives[drive]->isRemote()) reg_dx|=(1 << 12);
-			//TODO Set bit 9 on drives that don't support direct I/O
-			reg_al=0;
-			return true;
-		} else {
-			DOS_SetError(DOSERR_INVALID_DRIVE);
-			return false;
-		}
+		reg_dx=0;
+		if (Drives[drive]->isRemote()) reg_dx|=(1 << 12);
+		//TODO Set bit 9 on drives that don't support direct I/O
+		reg_al=0;
+		return true;
 	case 0x0D:		/* Generic block device request */
 		{
 			PhysPt ptr	= SegPhys(ds)+reg_dx;
-			drive=reg_bl;if (!drive) drive=dos.current_drive;else drive--;
 			switch (reg_cl) {
 			case 0x60:		/* Get Device parameters */
 				mem_writeb(ptr  ,0x03);					// special function
@@ -138,15 +130,8 @@ bool DOS_IOCTL(void) {
 			return true;
 		}
 	case 0xE:		/* Get Logical Drive Map */
-		drive=reg_bl;if (!drive) drive=dos.current_drive;else drive--;
-		if (Drives[drive]) {
-			reg_al=0;		/* Only 1 logical drive assigned */
-			return true;
-		} else {
-			DOS_SetError(DOSERR_INVALID_DRIVE);
-			return false;
-		}
-		break;
+		reg_al = 0;		/* Only 1 logical drive assigned */
+		return true;
 	default:
 		LOG(LOG_DOSMISC,LOG_ERROR)("DOS:IOCTL Call %2X unhandled",reg_al);
 		return false;