[PATCH] kexec-tools, ppc64: Fix segfault on parsing of large device trees.
horms at verge.net.au
Mon May 10 05:19:40 EDT 2010
On Mon, May 10, 2010 at 02:55:03PM +1000, Michael Neuling wrote:
> In message <4BE78E06.6080601 at ozlabs.org> you wrote:
> > ppc64's fs2dt used to use a fixed-size array into which the device tree
> > was parsed. There was no bounds checking, so with a large device tree other
> > heap data ended up getting stomped -- SIGSEGV time.
> > This patch adds a function, 'dt_reserve', to check whether there's enough space
> > left prior to writing data to the array. If not, the array is realloced.
> > Signed-off-by: Matt Evans <matt at ozlabs.org>
> Ack-by: Michael Neuling <mikey at neuling.org>
> (also added linuxppc-dev at ozlabs.org to CC list)
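The reserve-before-write pattern the commit message describes, as an added example that is not kexec-tools code and not part of the original thread: `dtbuf`, `dtbuf_reserve` and `dtbuf_put` are hypothetical names, and the sample property data is constructed. It also shows two points the message does not spell out: the size arithmetic is overflow-checked, and writers hold offsets rather than pointers because a realloc can move the array.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable word buffer standing in for the device-tree array. */
struct dtbuf {
    uint32_t *base; /* start of allocation; may move on growth */
    size_t used;    /* words written so far */
    size_t cap;     /* words allocated */
};

/* Make room for `need` more words. Returns 0, or -1 on size overflow or
 * allocation failure, in which case the buffer is left unchanged. */
int dtbuf_reserve(struct dtbuf *b, size_t need)
{
    const size_t max_words = SIZE_MAX / sizeof(uint32_t);
    if (need > max_words - b->used) return -1;
    size_t want = b->used + need;
    if (want <= b->cap) return 0;
    size_t ncap = b->cap ? b->cap : 64;
    while (ncap < want)
        ncap = (ncap > max_words / 2) ? want : ncap * 2;
    uint32_t *p = realloc(b->base, ncap * sizeof(uint32_t));
    if (!p) return -1;
    b->base = p;
    b->cap = ncap;
    return 0;
}

/* Append n words. Returns the word offset of the copy, (size_t)-1 on failure.
 * Callers keep offsets, not pointers: realloc may relocate the buffer. */
size_t dtbuf_put(struct dtbuf *b, const uint32_t *src, size_t n)
{
    if (dtbuf_reserve(b, n) != 0) return (size_t)-1;
    size_t off = b->used;
    if (n) memcpy(b->base + off, src, n * sizeof(uint32_t));
    b->used += n;
    return off;
}

int main(void)
{
    struct dtbuf b = {0};
    uint32_t prop[100] = {0}; /* constructed sample property data */
    for (int i = 0; i < 50; i++)
        if (dtbuf_put(&b, prop, 100) == (size_t)-1) return 1;
    free(b.base);
    return 0;
}
```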