xcp-1.6-updates/xen-4.1.hg

changeset 23310:3fed2c0a282a

xen: Fix off-by-one error when parsing command line arguments

As Xen currently stands, it will attempt to interpret the first few
bytes of the initcall section as a struct kernel_param.

The reason that this not caused problems is because in the overflow
case, param->name is actually a function pointer to the first
initcall, and intepreting it as string is very unlikely to match an
ASCII command line parameter name.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Committed-by: Keir Fraser <keir@xen.org>
xen-unstable changeset: 25587:2cffb7bf6e57
xen-unstable date: Tue Jul 03 13:38:19 2012 +0100
author Andrew Cooper <andrew.cooper3@citrix.com>
date Tue Jul 03 13:50:01 2012 +0100 (2012-07-03)
parents ce1b489f0543
children e8a3797e34d1
files xen/common/kernel.c
line diff
     1.1 --- a/xen/common/kernel.c	Tue Jul 03 13:49:32 2012 +0100
     1.2 +++ b/xen/common/kernel.c	Tue Jul 03 13:50:01 2012 +0100
     1.3 @@ -92,7 +92,7 @@ void __init cmdline_parse(char *cmdline)
     1.4          if ( !bool_assert )
     1.5              optkey += 3;
     1.6  
     1.7 -        for ( param = &__setup_start; param <= &__setup_end; param++ )
     1.8 +        for ( param = &__setup_start; param < &__setup_end; param++ )
     1.9          {
    1.10              if ( strcmp(param->name, optkey) )
    1.11                  continue;