This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] [PATCH] fix out-of-bounds memory access in linux-xen-low.c (

To: xen-devel list <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH] fix out-of-bounds memory access in linux-xen-low.c (gdbserver)
From: Simon Kagstrom <simon.kagstrom@xxxxxx>
Date: Fri, 12 May 2006 16:37:09 +0200
Delivery-date: Fri, 12 May 2006 07:37:20 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Wanderlust/2.15.2 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 Emacs/21.4 (i386-pc-linux-gnu) MULE/5.0 (SAKAKI)
The following patch fixes an out-of-bounds memory access in
xc_ptrace.c. Currently, Xen always copies the entire 512 byte extended
FPU state (fxsave) even if only the "regular" FPU state was

This breaks since the memory buffer allocated in
linux-xen-low.c:regsets_fetch_inferior_registers() is only large
enough to hold the "plain" FPU registers.

Signed-Off-By: Simon Kagstrom <simon.kagstrom@xxxxxx>

Attachment: xc_ptrace-fpregs.patch
Description: Binary data

Xen-devel mailing list
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH] fix out-of-bounds memory access in linux-xen-low.c (gdbserver), Simon Kagstrom <=