[Xen-changelog] [xen-4.0-testing] xen: Fix off-by-one error when parsing command line arguments

[Xen patchbot-4.0-testing <patchbot@xxxxxxx>]

# HG changeset patch
# User Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
# Date 1341319874 -3600
# Node ID 30c9bcaec782d200113dfaebb97d55a9e73cd869
# Parent  c9861d09dc81a218af8017bb4eccace1aa2c91b8
xen: Fix off-by-one error when parsing command line arguments

As Xen currently stands, it will attempt to interpret the first few
bytes of the initcall section as a struct kernel_param.

The reason that this not caused problems is because in the overflow
case, param->name is actually a function pointer to the first
initcall, and intepreting it as string is very unlikely to match an
ASCII command line parameter name.

Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Committed-by: Keir Fraser <keir@xxxxxxx>
xen-unstable changeset:   25587:2cffb7bf6e57
xen-unstable date:        Tue Jul 03 13:38:19 2012 +0100
---


diff -r c9861d09dc81 -r 30c9bcaec782 xen/common/kernel.c
--- a/xen/common/kernel.c       Tue Jul 03 13:51:04 2012 +0100
+++ b/xen/common/kernel.c       Tue Jul 03 13:51:14 2012 +0100
@@ -68,7 +68,7 @@ void cmdline_parse(char *cmdline)
         if ( !bool_assert )
             optkey += 3;
 
-        for ( param = &__setup_start; param <= &__setup_end; param++ )
+        for ( param = &__setup_start; param < &__setup_end; param++ )
         {
             if ( strcmp(param->name, optkey) )
                 continue;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog