WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] Fix for SSP error in tools/python/lowlevel/xc/xc.c

To: Milan Holzäpfel <listen@xxxxxxxx>
Subject: Re: [Xen-devel] Fix for SSP error in tools/python/lowlevel/xc/xc.c
From: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Date: Wed, 26 Aug 2009 13:39:31 -0400
Cc: mail@xxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 26 Aug 2009 10:50:16 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20090826161954.4ce96275.listen@xxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <20090826161954.4ce96275.listen@xxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.19 (2009-01-05)
On Wed, Aug 26, 2009 at 04:19:54PM +0200, Milan Holzäpfel wrote:
> Hello, 
> 
> I compiled xen-tools with GCC-4.3.3 with Stack Smashing Protection
> (SSP) patches by gentoo, and found a small bug in
> tools/python/lowlevel/xc/xc.c.  The bug is located in
> pyxc_dom_set_policy_cpuid: 
> 
> (this is the change which fixes it:)
> 
> > @@ -808,7 +808,7 @@
> >  static PyObject *pyxc_dom_set_policy_cpuid(XcObject *self,
> >                                             PyObject *args)
> >  {
> > -    domid_t domid;
> > +    int domid;

I would say use uint32_t instead of int.

> >  
> >      if ( !PyArg_ParseTuple(args, "i", &domid) )
> >          return NULL;
> 
> domid_t is defined as uint16_t (thus 2 bytes long) in xen header files,
> but the "i" format needs a C "int" type, which is 4 bytes long.
> (<URL:http://docs.python.org/c-api/arg.html>)  This error is detected
> by SSP as stack overflow. 

What about the two other cases where domid_it is used? The SSP didn't
detect them?
> 
> Attached patch fixes the error.  Maybe it would better to use "h"
> format instead of the "i" format, which converts the argument to an C
> "short int".  Then you would have to change the python wrapper if
> domid_t changes, though. 

Yeah, but running more than 64K of guests on one node?

> 
> Please apply this patch or the change to the "h" format string (I
> haven't tested it, but I believe it should work just as well). 
> 
> Regards,
> Milan Holzäpfel
> 
> 
> -- 
> Milan Holzaepfel <mail(a)mjh(d)name>             <URL:http://mjh.name/>
> pub  4096R/C790FC23  EB8E 5E81 81E3 53A9 9B74  B895 5179 54C0 C790 FC23

>       2009-08-26 Milan Holzaepfel <mail@xxxxxxxx>
> 
>       As documented on <URL:http://docs.python.org/c-api/arg.html>, the "i"
>       format string needs an integer as target.
> 
>       Error detected by gentoo Stack Smashing Protection for gcc-4.3.3.
> 
> --- xen-3.4.1/tools/python/xen/lowlevel/xc/xc.c.orig  2009-08-26 
> 13:43:13.000000000 +0000
> +++ xen-3.4.1/tools/python/xen/lowlevel/xc/xc.c       2009-08-26 
> 13:43:20.000000000 +0000
> @@ -808,7 +808,7 @@
>  static PyObject *pyxc_dom_set_policy_cpuid(XcObject *self,
>                                             PyObject *args)
>  {
> -    domid_t domid;
> +    int domid;
>  
>      if ( !PyArg_ParseTuple(args, "i", &domid) )
>          return NULL;




> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>