© nemo 1999-2020

Here are various patches for bits of RISC OS that particularly needed fixing

OS_Byte 166 got broken

MOSVarFix 1.02 (28 May 2020) [32bit] installs in !Boot...Choices.Boot.PreDesk

OS_Byte 166 has returned the base address of the MOS variables (OS_Bytes &A8-&FF) in all versions of the OS since the original BBC Micro. Somebody broke it in high-vector versions of RO5. This module ensures OS_Byte 166 (and 167) return the correct values in all versions of RISC OS, and also write-protects the value as it is informational, not functional.

  • All OS versions

Draw_ProcessPath is not 32b compatible (before 1.17)

DrawFix32 1.00 (05 Oct 2019) [32bit]

Draw_ProcessPath takes a flag in b31 of R7, which is otherwise an (aligned) address. This is not compatible with 32bit OSes nor even high-address Dynamic Areas on older OSes. A new API was introduced from Draw 1.17 that uses b25 & 26 of R1 instead. This module provides that API for older modules, such as the one supplied with RO4.37. If a Draw module 1.17+ is available, this module silently kills itself, so it is always safe to load it without having to RMEnsure anything.

If R1 b26 is set then the new API is in use, and the “Output Bounding Box” flag is in R1 b25 instead of R7 b31. Note that this does not change the Draw module itself, so attempting to output a bounding box to a high-bit address will fail with “Invalid address”.

*Shut considered dangerous, CLOSE#0 too

!CloseHook 1.01 (13 Aug 2019) [32bit]

Closing files that don’t belong to you is a terrible idea. Handles get reused immediately, so there is a high probability that a program that was previously writing to its own file will suddenly find itself writing to a completely unrelated file. So *Shut is a bad idea, but difficult to invoke accidentally.

However, CLOSE#0 is very easy to do unintentionally. As OS_Find can return a file handle of zero if it fails to open the requested file, a badly written program can end up doing CLOSE#0 by mistake.

Either way, it is to be avoided if you want to escape file corruption. !CloseHook is a solution. Whether in the Desktop, in a TaskWindow, or at the command line or a single-tasking program, CloseHook provides a confirmation before allowing *Shut or CLOSE#0 to proceed. If permission is not given, the program carries on none the wiser. Stick it in your Boot sequence and forget about it... until it saves your bacon. Many thanks to Martin Avison for the idea.

OS_File,255 (12,14,16) are very dangerous – save us, SaferOSFile

SaferOSFile 0.01 (06 Sep 2019) [32bit]

OS_File,255 and its brethren load a file – usually into a supplied buffer (they can be used to get FileSwitch to work out how to load the file, but we’ll say no more about that, it’s not affected).

The problem with this call, which dates back to the BBC Micro, is that there’s no buffer length. The usual programmer’s pattern is to find the file length with OS_File,5; allocate a buffer; then load it with OS_File,255. This was just about defensible on a stand-alone Archimedes, but in a networked or multi-user environment (such as an emulated RISC OS under a real operating system) the file can change length between the two OS_File calls.

This is bad. It leads to crashes, data loss, and even remote code execution. Very bad. But it’s a familiar pattern, and certainly one I’ve used many times.

SaferOsFile adds a new flag to OS_File,255, 12, 14 and 16 – bit 30 of R3. If set (and bits 0-7 are clear) then R5 becomes the expected file length – i.e. the length of the buffer you are loading the file into. If the file is not exactly that length, you get a Buffer Overflow error, and no memory corruption. Much better! You can use this API even if the module isn’t present, because FileSwitch itself ignores that bit and R5 (but you’ll get no protection in that case, naturally).

The patches below are currently “being tested”

i.e. I’ve forgotten about them, so hassle me if you need them.

WindowManager Wimp_CreateIcon crash

All versions of the WindowManager since RO3.5 suffer a catastrophic fatal crash if iconbar icons are created with certain priorities. This patch fixes the following OS versions:

  • 4.02, 4.24, 4.33, 4.37, 4.39, 6.20

This ROMPatch installs in !Boot.Utils.RO4Patches


Every version of TaskWindow ever will explode in consternation if you happen to send OS_WriteC a large negative value, such as SYS"OS_WriteC",1<<31. This patch fixes that for the built-in module in the following OS versions:

  • 4.02, 4.24, 4.33, 4.37, 4.39, 6.20

This ROMPatch installs in !Boot.Utils.RO4Patches

WindowManager Back Icon

Adjust-click on the back icon ought to bring the window to the front. Here’s a patch that makes sure it does, in the following OS versions:

  • 4.02, 4.24, 4.33, 4.37, 4.39, 6.20

This ROMPatch installs in !Boot.Utils.RO4Patches