Xen project Mailing List

[Xen-changelog] [xen master] libelf/xc_dom_load_elf_symtab: Do not use "syms" uninitialised

Date: Mon, 17 Jun 2013 13:45:15 +0000

Delivery-date: Mon, 17 Jun 2013 13:45:21 +0000

List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xen.org>

commit 95dd49bed681af93f71a401b0a35bf2f917c6e68 Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> AuthorDate: Fri Jun 14 16:39:35 2013 +0100 Commit: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> CommitDate: Fri Jun 14 16:39:35 2013 +0100 libelf/xc_dom_load_elf_symtab: Do not use "syms" uninitialised xc_dom_load_elf_symtab (with load==0) calls elf_round_up, but it mistakenly used the uninitialised variable "syms" when calculating dom->bsd_symtab_start. This should be a reference to "elf". This change might have the effect of rounding the value differently. Previously if the uninitialised value (a single byte on the stack) was ELFCLASS64 (ie, 2), the alignment would be to 8 bytes, otherwise to 4. However, the value is calculated from dom->kernel_seg.vend so this could only make a difference if that value wasn't already aligned to 8 bytes. This is part of the fix to a security issue, XSA-55. Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Chuck Anderson <chuck.anderson@xxxxxxxxxx> v2: Split this change into its own patch for proper review. --- tools/libxc/xc_dom_elfloader.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/libxc/xc_dom_elfloader.c b/tools/libxc/xc_dom_elfloader.c index bc92302..7ff51d1 100644 --- a/tools/libxc/xc_dom_elfloader.c +++ b/tools/libxc/xc_dom_elfloader.c @@ -142,7 +142,7 @@ static int xc_dom_load_elf_symtab(struct xc_dom_image *dom, hdr = xc_dom_malloc(dom, size); if ( hdr == NULL ) return 0; - dom->bsd_symtab_start = elf_round_up(&syms, dom->kernel_seg.vend); + dom->bsd_symtab_start = elf_round_up(elf, dom->kernel_seg.vend); } memcpy(hdr + sizeof(int), -- generated by git-patchbot for /home/xen/git/xen.git#master _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.