Fix: safety: malloc and free BMP image; memcpy sanitizing

src/kernel/initrd.c

@@ -131,9 +131,16 @@ int tar_file_to_buffer(uint8_t* initrd, const char* filename, char* buffer)
 		if (strcmp(file_name, filename) == 0)
 		{
 			uint8_t* file_data = current_block + TAR_BLOCK_SIZE;
-			memcpy(buffer, file_data, file_size);
-			buffer[file_size] = '\0';
-			return 0;
+			if (sizeof(buffer) >= sizeof(file_data))
+			{
+				memcpy(buffer, file_data, file_size);
+				buffer[file_size] = '\0';
+				return 0;
+			} else {
+				printf("Invalid destination buffer size %d bytes < %d bytes\n", sizeof(buffer), sizeof(file_data));
+				return -1;
+			}
+			return -1;
 		}
 
 		uint32_t total_size = ((file_size + TAR_BLOCK_SIZE - 1) / TAR_BLOCK_SIZE) * TAR_BLOCK_SIZE;
@@ -142,3 +149,28 @@ int tar_file_to_buffer(uint8_t* initrd, const char* filename, char* buffer)
 	printf("[tar] file '%s' not found\n", filename);
 	return -1;
 }
+
+uint32_t tar_get_file_size(uint8_t* initrd, const char* filename)
+{
+	uint8_t* current_block = initrd;
+
+	while (1)
+	{
+		if (current_block[0] == '\0')
+		{
+			return -1;
+		}
+
+		const char* file_name = (const char*)current_block;
+		uint32_t file_size = tar_parse_size((const char*)(current_block+124));
+
+		if (strcmp(file_name, filename) == 0)
+		{
+			return file_size;
+		}
+
+		uint32_t total_size = ((file_size + TAR_BLOCK_SIZE - 1) / TAR_BLOCK_SIZE) * TAR_BLOCK_SIZE;
+		current_block += TAR_BLOCK_SIZE + total_size;
+	}
+	return -1;
+}

src/kernel/initrd.h

@@ -34,5 +34,6 @@ void tar_find_file(uint8_t *tar_start, const char* filename);
 void ls_initrd(uint8_t* initrd, int verbose);
 void cat_initrd(uint8_t* initrd, const char* filename);
 int tar_file_to_buffer(uint8_t* initrd, const char* filename, char* buffer);
+uint32_t tar_get_file_size(uint8_t* initrd, const char* filename);
 
 #endif

src/kernel/kmain.c

@@ -79,7 +79,7 @@ void kmain(multiboot2_info *mb_info)
 		if (mmap->addr != 0)
 		{
 			
-			serial_printf(3, "base addr=0x%x%x, length=0x%x%x, type=%u\n",
+			serial_printf(3, "base addr=0x%x%x, length=0x%x%x, type=%u",
 				(uint32_t) (mmap->addr >> 32),
 				(uint32_t) (mmap->addr & 0xFFFFFFFF),
 				(uint32_t) (mmap->len >> 32),