This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-changelog] [xen-4.0-testing] xc: fix segfault in pv domain create i

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-4.0-testing] xc: fix segfault in pv domain create if kernel is an invalid image
From: "Xen patchbot-4.0-testing" <patchbot-4.0-testing@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 25 Aug 2010 01:30:21 -0700
Delivery-date: Wed, 25 Aug 2010 01:30:51 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1281685928 -3600
# Node ID 645b7bb8c78adb0677c7a6d810d5ca7c90a61e08
# Parent  708cbcb3a8f53d9cf1537fa95b8f4150ace51213
xc: fix segfault in pv domain create if kernel is an invalid image

If libelf calls elf_err() or elf_msg() before elf_set_log() has been
called then it could potentially read an uninitialised log handling
callback function pointer from struct elf_binary. Fix this in libxc by
zeroing the structure before calling elf_init().

Signed-off-by: Gianni Tedesco <gianni.tedesco@xxxxxxxxxx>
Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
xen-unstable changeset:   1d67dd785ef4
xen-unstable date:        Mon Aug 09 17:43:18 2010 +0100
 tools/libxc/xc_hvm_build.c |    1 +
 1 files changed, 1 insertion(+)

diff -r 708cbcb3a8f5 -r 645b7bb8c78a tools/libxc/xc_hvm_build.c
--- a/tools/libxc/xc_hvm_build.c        Fri Aug 13 08:48:28 2010 +0100
+++ b/tools/libxc/xc_hvm_build.c        Fri Aug 13 08:52:08 2010 +0100
@@ -127,6 +127,7 @@ static int setup_guest(int xc_handle,
     if ( memsize > target )
         pod_mode = 1;
+    memset(&elf, 0, sizeof(elf));
     if ( elf_init(&elf, image, image_size) != 0 )
         goto error_out;

Xen-changelog mailing list

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-4.0-testing] xc: fix segfault in pv domain create if kernel is an invalid image, Xen patchbot-4.0-testing <=