[PATCH] makedumpfile: fix illegal buffer access
Ken'ichi Ohmichi
oomichi at mxs.nes.nec.co.jp
Fri Jun 27 05:44:55 EDT 2008
Hi ODA-san,
Thank you for the patch.
I will apply the patch to the next release.
Thanks
Ken'ichi Ohmichi
Itsuro ODA wrote:
> Hi,
>
> Null padding of the vmcoreinfo (vmcoreinfo of xen is the case)
> causes SIGSEGV (I met it on x86_64).
> This fix avoids illegal buffer access.
>
> Thanks.
> Itsuro Oda
>
> --- makedumpfile.c.org 2008-06-12 15:01:26.000000000 +0900
> +++ makedumpfile.c 2008-06-12 16:16:11.000000000 +0900
> @@ -2187,6 +2187,8 @@ read_vmcoreinfo_basic_info()
>
> while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
> i = strlen(buf);
> + if (!i)
> + break;
> if (buf[i - 1] == '\n')
> buf[i - 1] = '\0';
> if (strncmp(buf, STR_OSRELEASE, strlen(STR_OSRELEASE)) == 0) {
> @@ -2244,6 +2246,8 @@ read_vmcoreinfo_symbol(char *str_symbol)
>
> while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
> i = strlen(buf);
> + if (!i)
> + break;
> if (buf[i - 1] == '\n')
> buf[i - 1] = '\0';
> if (strncmp(buf, str_symbol, strlen(str_symbol)) == 0) {
> @@ -2275,6 +2279,8 @@ read_vmcoreinfo_long(char *str_structure
>
> while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
> i = strlen(buf);
> + if (!i)
> + break;
> if (buf[i - 1] == '\n')
> buf[i - 1] = '\0';
> if (strncmp(buf, str_structure, strlen(str_structure)) == 0) {
> @@ -2304,6 +2310,8 @@ read_vmcoreinfo_string(char *str_in, cha
>
> while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
> i = strlen(buf);
> + if (!i)
> + break;
> if (buf[i - 1] == '\n')
> buf[i - 1] = '\0';
> if (strncmp(buf, str_in, strlen(str_in)) == 0) {
> @@ -5790,6 +5798,8 @@ read_vmcoreinfo_basic_info_xen()
>
> while (fgets(buf, BUFSIZE_FGETS, info->file_vmcoreinfo)) {
> i = strlen(buf);
> + if (!i)
> + break;
> if (buf[i - 1] == '\n')
> buf[i - 1] = '\0';
> if (strncmp(buf, STR_PAGESIZE, strlen(STR_PAGESIZE)) == 0) {
>
More information about the kexec
mailing list