WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-devel

[Xen-devel] Re: [PATCH 1/4] extract vmcoreinfo from /proc/vmcore for Xen

To: Itsuro ODA <oda@xxxxxxxxxxxxx>
Subject: [Xen-devel] Re: [PATCH 1/4] extract vmcoreinfo from /proc/vmcore for Xen
From: Simon Horman <horms@xxxxxxxxxxxx>
Date: Mon, 31 Mar 2008 14:28:26 +0900
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, kexec@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 30 Mar 2008 22:28:57 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20080331131512.DDCD.ODA@xxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <20080331131512.DDCD.ODA@xxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.17+20080114 (2008-01-14)
On Mon, Mar 31, 2008 at 01:25:19PM +0900, Itsuro ODA wrote:
> This patch is for xen-3.2.0.
> 
> --- common/kexec.c.org        2008-03-25 09:29:39.000000000 +0900
> +++ common/kexec.c    2008-03-28 12:50:33.000000000 +0900
> @@ -43,6 +43,9 @@

[snip]

> +void vmcoreinfo_append_str(const char *fmt, ...)
> +{
> +    va_list args;
> +    char buf[0x50];
> +    int r;
> +    size_t note_size = sizeof(Elf_Note) + 
> ELFNOTE_ALIGN(strlen(VMCOREINFO_NOTE_NAME) + 1);
> +
> +    va_start(args, fmt);
> +    r = vsnprintf(buf, sizeof(buf), fmt, args);
> +    va_end(args);
> +
> +    if (r + vmcoreinfo_size + note_size > VMCOREINFO_BYTES)
> +     r = VMCOREINFO_BYTES - vmcoreinfo_size - note_size;
> +
> +    memcpy(&vmcoreinfo_data[note_size + vmcoreinfo_size], buf, r);
> +
> +    vmcoreinfo_size += r;
> +}
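
Review bot: In vmcoreinfo_append_str(), the value r returned by vsnprintf() is passed to memcpy() without being bounded by sizeof(buf). If vsnprintf() returns the untruncated length as C99 specifies, any formatted string longer than 0x4f characters makes memcpy() read past the end of the stack buffer buf and copy adjacent stack bytes into vmcoreinfo_data; a negative return is not handled either. Suggest clamping before the space check, for example `if (r < 0) return;` followed by `if ((size_t)r >= sizeof(buf)) r = sizeof(buf) - 1;`, and returning early when vmcoreinfo_size + note_size has already reached VMCOREINFO_BYTES so the remainder assigned to r cannot underflow.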

Hi Oda-san,

It looks like it is possible for both vsnprintf() and
the "if (r + vmcoreinfo_size + note_size > VMCOREINFO_BYTES)" logic
to truncate a field. Is this likely to be a problem in practice,
or is the code just guarding against malformed input?


Also, this code looks like it will need to be up-ported due to changes
that I recently made to common/kexec.c and the range fetching portion of
the hypercall in unstable.  This shouldn't be a big deal, just something
that is worth mentioning.

-- 
Horms

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
