From d46df57ea12786c55a509f244868dd3721462471 Mon Sep 17 00:00:00 2001
From: Stefan `Sec` Zehl
Date: Mon, 22 Aug 2011 21:49:38 +0200
Subject: [PATCH 1/3] Fix uninitialized variable problem for l0dables.
---
 firmware/l0dable/ram.ld | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/firmware/l0dable/ram.ld b/firmware/l0dable/ram.ld
index bc62075..87e4f7a 100644
--- a/firmware/l0dable/ram.ld
+++ b/firmware/l0dable/ram.ld
@@ -30,19 +30,12 @@ SECTIONS
 *(vtable)
 *(.data*)
 _edata = .;
- } > sram
-
- /* zero initialized data */
- .bss :
- {
- _bss = .;
+ /* force zero initialized data to be present*/
 *(.bss*)
 *(COMMON)
 _ebss = .;
 } > sram
-
+
 end = .;
- /* For GDB compatibility we decrease the top with 16 bytes */
- stack_entry = sram_top - 16;
 }
From 97de719738cb3679675861cdf6ef2c9363aa7a2f Mon Sep 17 00:00:00 2001
From: Stefan `Sec` Zehl
Date: Mon, 22 Aug 2011 21:59:18 +0200
Subject: [PATCH 2/3] Make CRP level selectable. Default to no CRP.
---
 firmware/main.c | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/firmware/main.c b/firmware/main.c
index ba7fc40..9b02c7c 100644
--- a/firmware/main.c
+++ b/firmware/main.c
@@ -7,7 +7,28 @@
 #include "lcd/render.h"
 #include "filesystem/ff.h"
-__attribute__ ((used, section("crp"))) const uint32_t the_crp=0x87654321;
+
+#ifdef CRP1
+#define CRP_VALUE 0x12345678 // CRP1
+#endif
+
+#ifdef CRP2
+#define CRP_VALUE 0x87654321 // CRP2
+#endif
+
+#ifdef CRP3
+#define CRP_VALUE 0x43218765 // CRP3
+#endif
+
+#ifdef NO_ISP
+#define CRP_VALUE 0x4e697370 // NO_ISP
+#endif
+
+#ifndef CRP_VALUE
+#define CRP_VALUE 0x0 // ANY non-magic value disables CRP
+#endif
+
+__attribute__ ((used, section("crp"))) const uint32_t the_crp=CRP_VALUE;
 /**************************************************************************/
From 01dd639c1c83135ec76cd5639c6974b913f638d1 Mon Sep 17 00:00:00 2001
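Review bot: `_bss = .;` is removed while `_ebss = .;` stays, so the merged section now exports only the end marker of the zero-initialized range; either keep `_bss = .;` in front of `*(.bss*)` or drop `_ebss` too so the pair stays symmetric, and check that no remaining user of `_bss` or of the deleted `stack_entry` symbol exists outside this patch (none is visible here). The comment `/* force zero initialized data to be present*/` says what but not why; `/* .bss is folded into .data so the l0dable image itself carries its zero bytes instead of relying on the loader to clear memory */` would record the reason the separate .bss output section disappeared. Since those bytes now come from the loaded file rather than from a clearing loop, the length and MAC checks on the loader side are what guarantees their contents, which is worth stating in the same comment.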
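Review bot: Each `#ifdef` block defines `CRP_VALUE` unconditionally, so a build that passes two selectors (e.g. `-DCRP1 -DCRP2`) gets only a macro-redefinition warning and silently takes whichever block comes last, which for a flash-protection setting should be a hard error; add `#if defined(CRP1) + defined(CRP2) + defined(CRP3) + defined(NO_ISP) > 1` / `#error "select at most one CRP level"` / `#endif` ahead of the chain, or rewrite it as a single `#if`/`#elif`/`#else` ladder. The magic numbers match the NXP LPC CRP levels, where NO_ISP removes pin-triggered ISP entry and CRP3 also disables the debug port, leaving only the firmware's own update path for recovery, so those two `#define` lines deserve a comment such as `// irreversible: removes the ISP/debug recovery path` rather than the bare `// CRP3` / `// NO_ISP`. Defaulting `CRP_VALUE` to `0x0` (protection off) is the right safe default; whether the linker script places the `crp` section at the address the boot ROM inspects is outside this hunk.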
From: Stefan `Sec` Zehl
Date: Mon, 22 Aug 2011 22:04:12 +0200
Subject: [PATCH 3/3] Fix half-exploit: do not allow 0-byte loadables (padded to 16 bytes for MAC)
---
 firmware/filesystem/execute.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/firmware/filesystem/execute.c b/firmware/filesystem/execute.c
index 391b071..7546e74 100644
--- a/firmware/filesystem/execute.c
+++ b/firmware/filesystem/execute.c
@@ -53,7 +53,7 @@ uint8_t execute_file (const char * fname){
 data = (uint32_t*)dst;
 len = readbytes/4;
- if( readbytes & 0xF ){
+ if( readbytes & 0xF || readbytes <= 0x10){
 lcdClear();
 lcdPrint("!size");
 lcdRefresh();
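Review bot: The new condition `readbytes & 0xF || readbytes <= 0x10` is correct only because `&` binds tighter than `||`; write it as `if( (readbytes & 0xF) || readbytes <= 0x10 ){` so the two checks (16-byte alignment, and more than the MAC alone) read as intended instead of depending on precedence. The `0x10` is a bare magic number; a comment on the line such as `/* 16 bytes is the MAC alone: no code to execute */` states why a 16-byte file is rejected and ties it to the subject of the commit. `len = readbytes/4` on the line above still counts the MAC words; whether the MAC is stripped before the image is run, and whether `readbytes` is unsigned (which would make the `<= 0x10` test also the only guard against a short read), is decided by code outside this hunk, and execute_file itself continues beyond it.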