[PATCH] Fix memory errors on ppc

[Suzuki Poulose]

Fix memory errors on ppc

  Fixes buffer overflow and improper realloc() in realloc_memory_ranges().

Signed-off-by: Suzuki K. Poulose <suzuki at in.ibm.com>

diff --git a/kexec/arch/ppc/crashdump-powerpc.c b/kexec/arch/ppc/crashdump-powerpc.c
index eb82122..371137c 100644
--- a/kexec/arch/ppc/crashdump-powerpc.c
+++ b/kexec/arch/ppc/crashdump-powerpc.c
@@ -79,7 +79,7 @@ static int get_crash_memory_ranges(struct memory_range **range, int *ranges)
  	int memory_ranges = 0;
  	char device_tree[256] = "/proc/device-tree/";
  	char fname[256];
-	char buf[MAXBYTES-1];
+	char buf[MAXBYTES];
  	DIR *dir, *dmem;
  	FILE *file;
  	struct dirent *dentry, *mentry;
diff --git a/kexec/arch/ppc/kexec-ppc.c b/kexec/arch/ppc/kexec-ppc.c
index ab76d6f..96fbc12 100644
--- a/kexec/arch/ppc/kexec-ppc.c
+++ b/kexec/arch/ppc/kexec-ppc.c
@@ -192,11 +192,12 @@ static int realloc_memory_ranges(void)
  	max_memory_ranges++;
  	memory_range_len = sizeof(struct memory_range) * max_memory_ranges;
  
-	memory_range = (struct memory_range *) malloc(memory_range_len);
+	memory_range = (struct memory_range *) realloc(memory_range,
+							memory_range_len);
  	if (!memory_range)
  		goto err;
  
-	base_memory_range = (struct memory_range *) realloc(memory_range,
+	base_memory_range = (struct memory_range *) realloc(base_memory_range,
  			memory_range_len);
  	if (!base_memory_range)
  		goto err;
@@ -319,7 +320,7 @@ static int get_devtree_details(unsigned long kexec_flags)
  	unsigned long long htab_base, htab_size;
  	unsigned long long kernel_end;
  	unsigned long long initrd_start, initrd_end;
-	char buf[MAXBYTES-1];
+	char buf[MAXBYTES];
  	char device_tree[256] = "/proc/device-tree/";
  	char fname[256];
  	DIR *dir, *cdir;