WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] [PATCH][x86-PAE] Avoid overflow in xc_domain_dumpcore_via_ca

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] [PATCH][x86-PAE] Avoid overflow in xc_domain_dumpcore_via_callback()
From: Daisuke Nishimura <nishimura@xxxxxxxxxxxxxxxxx>
Date: Mon, 15 Oct 2007 15:07:21 +0900
Delivery-date: Sun, 14 Oct 2007 23:08:32 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)
Hi.

On x86-PAE systems, guest domains can have memory larger
than 4GB.
When trying to get xendump of such a guest, nr_pages * PAGE_SIZE
exceeds 2^32, so "filesz" is not calculated properly
in xc_domain_dumpcore_via_callback().
As a result, the crash utility cannot access to the
string table section and cannot read the dumpfile.

Attached patch fixes this bug.


Thanks,
Daisuke Nishimura.


# HG changeset patch
# User root@xxxxxxxxxxxxxxxxxxxxx
# Date 1192417680 -32400
# Node ID 4eb6816a52e888017f294bf5fef1c68a75de374e
# Parent  d6d3c7856abc196eec4a1ef6a39b965976a6ee8b
[x86-PAE] Avoid overflow in xc_domain_dumpcore_via_callback().

Signed-off-by: Daisuke Nishimura <nishimura@xxxxxxxxxxxxxxxxx>

diff -r d6d3c7856abc -r 4eb6816a52e8 tools/libxc/xc_core.c
--- a/tools/libxc/xc_core.c     Thu Oct 11 10:12:07 2007 +0100
+++ b/tools/libxc/xc_core.c     Mon Oct 15 12:08:00 2007 +0900
@@ -620,7 +620,7 @@ xc_domain_dumpcore_via_callback(int xc_h
     dummy_len = ROUNDUP(offset, PAGE_SHIFT) - offset; /* padding length */
     offset += dummy_len;
 
-    filesz = nr_pages * PAGE_SIZE;
+    filesz = (uint64_t)nr_pages * PAGE_SIZE;
     sts = xc_core_shdr_set(shdr, strtab, XEN_DUMPCORE_SEC_PAGES, SHT_PROGBITS,
                            offset, filesz, PAGE_SIZE, PAGE_SIZE);
     if ( sts != 0 )
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH][x86-PAE] Avoid overflow in xc_domain_dumpcore_via_callback(), Daisuke Nishimura <=