 Home |
Products |
Support |
Community |
News |
xen-devel
[Xen-devel] [PATCH 2 of 4] xentrace: fix type of offset to avoid ouf-of-
| To: | xen-devel@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | [Xen-devel] [PATCH 2 of 4] xentrace: fix type of offset to avoid ouf-of-bounds access |
| From: | Olaf Hering <olaf@xxxxxxxxx> |
| Date: | Tue, 10 May 2011 16:32:37 +0200 |
| Cc: | George Dunlap <george.dunlap@xxxxxxxxxx> |
| Delivery-date: | Tue, 10 May 2011 07:33:37 -0700 |
| Dkim-signature: | v=1; a=rsa-sha1; c=relaxed/relaxed; t=1305037957; l=1698; s=domk; d=aepfle.de; h=Cc:To:From:Date:References:In-Reply-To:Subject: Content-Transfer-Encoding:MIME-Version:Content-Type:X-RZG-CLASS-ID: X-RZG-AUTH; bh=7zCY256Qzm7h+TITU/ahvheowSQ=; b=OZV1z8q/qfo/GodvDWoJ/+qIBfqR2CS7tZv0RCc6aY6qYMzeaTueufcwmjCd4uAjrrx HRjc5zfCcvz4viaiPGuemfdK1ELlYeeuT5AUurWP7vEEimSEhIR4oYVYMoOIR7LWTkAF3 vaBEsq/nZ4mHGKEDye9AP7GmNDUV9xCjqDg= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| In-reply-to: | <patchbomb.1305037955@localhost> |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| References: | <patchbomb.1305037955@localhost> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
| User-agent: | Mercurial-patchbomb/1.8.1 |
# HG changeset patch
# User Olaf Hering <olaf@xxxxxxxxx>
# Date 1305037381 -7200
# Node ID 575bf78214ef193e44806aa9766e084d721783b5
# Parent 8ac937fa527b28243227193bf4749feb3a234c2c
xentrace: fix type of offset to avoid ouf-of-bounds access
Update the type of the local offset variable to match the type where
this variable is stored. Also update the type of t_info_first_offset because
it has also a limited range.
Signed-off-by: Olaf Hering <olaf@xxxxxxxxx>
diff -r 8ac937fa527b -r 575bf78214ef xen/common/trace.c
--- a/xen/common/trace.c Tue May 10 16:23:00 2011 +0200
+++ b/xen/common/trace.c Tue May 10 16:23:01 2011 +0200
@@ -106,7 +106,7 @@ static uint32_t calc_tinfo_first_offset(
* The t_info layout is fixed and cant be changed without breaking xentrace.
* Initialize t_info_pages based on number of trace pages.
*/
-static int calculate_tbuf_size(unsigned int pages, uint32_t
t_info_first_offset)
+static int calculate_tbuf_size(unsigned int pages, uint16_t
t_info_first_offset)
{
struct t_buf dummy_size;
typeof(dummy_size.prod) max_size;
@@ -170,8 +170,8 @@ static int alloc_trace_bufs(unsigned int
int i, cpu, order;
/* Start after a fixed-size array of NR_CPUS */
uint32_t *t_info_mfn_list;
- uint32_t t_info_first_offset;
- int offset;
+ uint16_t t_info_first_offset;
+ uint16_t offset;
if ( t_info )
return -EBUSY;
@@ -179,7 +179,7 @@ static int alloc_trace_bufs(unsigned int
if ( pages == 0 )
return -EINVAL;
- /* Calculate offset in u32 of first mfn */
+ /* Calculate offset in units of u32 of first mfn */
t_info_first_offset = calc_tinfo_first_offset();
pages = calculate_tbuf_size(pages, t_info_first_offset);
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [Xen-devel] Re: [PATCH] libxl: virtio-blk-pci support for FV domain, Stefano Stabellini |
|---|---|
| Next by Date: | [Xen-devel] [PATCH 0 of 4] xentrace [v2]: non-contiguous allocation of per-cpu buffer, Olaf Hering |
| Previous by Thread: | [Xen-devel] [PATCH 0 of 4] xentrace [v2]: non-contiguous allocation of per-cpu buffer, Olaf Hering |
| Next by Thread: | Re: [Xen-devel] [PATCH 2 of 4] xentrace: fix type of offset to avoid ouf-of-bounds access, George Dunlap |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
