[PATCH] makedumpfile: fix illegal buffer access
Itsuro ODA
oda at valinux.co.jp
Fri Jun 27 00:51:31 EDT 2008
Hi,
Null padding of the vmcoreinfo (vmcoreinfo of xen is the case)
causes SIGSEGV (I met it on x86_64).
This fix avoids illegal buffer access.
Thanks.
Itsuro Oda
--- makedumpfile.c.org 2008-06-12 15:01:26.000000000 +0900
+++ makedumpfile.c 2008-06-12 16:16:11.000000000 +0900
@@ -2187,6 +2187,8 @@ read_vmcoreinfo_basic_info()
while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
i = strlen(buf);
+ if (!i)
+ break;
if (buf[i - 1] == '\n')
buf[i - 1] = '\0';
if (strncmp(buf, STR_OSRELEASE, strlen(STR_OSRELEASE)) == 0) {
@@ -2244,6 +2246,8 @@ read_vmcoreinfo_symbol(char *str_symbol)
while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
i = strlen(buf);
+ if (!i)
+ break;
if (buf[i - 1] == '\n')
buf[i - 1] = '\0';
if (strncmp(buf, str_symbol, strlen(str_symbol)) == 0) {
@@ -2275,6 +2279,8 @@ read_vmcoreinfo_long(char *str_structure
while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
i = strlen(buf);
+ if (!i)
+ break;
if (buf[i - 1] == '\n')
buf[i - 1] = '\0';
if (strncmp(buf, str_structure, strlen(str_structure)) == 0) {
@@ -2304,6 +2310,8 @@ read_vmcoreinfo_string(char *str_in, cha
while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
i = strlen(buf);
+ if (!i)
+ break;
if (buf[i - 1] == '\n')
buf[i - 1] = '\0';
if (strncmp(buf, str_in, strlen(str_in)) == 0) {
@@ -5790,6 +5798,8 @@ read_vmcoreinfo_basic_info_xen()
while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
i = strlen(buf);
+ if (!i)
+ break;
if (buf[i - 1] == '\n')
buf[i - 1] = '\0';
if (strncmp(buf, STR_PAGESIZE, strlen(STR_PAGESIZE)) == 0) {
--
Itsuro ODA <oda at valinux.co.jp>
More information about the kexec
mailing list