|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH][x86-PAE] Avoid overflow in xc_domain_dumpcore_via_callback()
Hi. On x86-PAE systems, guest domains can have memory larger than 4GB. When trying to get xendump of such a guest, nr_pages * PAGE_SIZE exceeds 2^32, so "filesz" is not calculated properly in xc_domain_dumpcore_via_callback(). As a result, the crash utility cannot access to the string table section and cannot read the dumpfile. Attached patch fixes this bug. Thanks, Daisuke Nishimura. # HG changeset patch
# User root@xxxxxxxxxxxxxxxxxxxxx
# Date 1192417680 -32400
# Node ID 4eb6816a52e888017f294bf5fef1c68a75de374e
# Parent d6d3c7856abc196eec4a1ef6a39b965976a6ee8b
[x86-PAE] Avoid overflow in xc_domain_dumpcore_via_callback().
Signed-off-by: Daisuke Nishimura <nishimura@xxxxxxxxxxxxxxxxx>
diff -r d6d3c7856abc -r 4eb6816a52e8 tools/libxc/xc_core.c
--- a/tools/libxc/xc_core.c Thu Oct 11 10:12:07 2007 +0100
+++ b/tools/libxc/xc_core.c Mon Oct 15 12:08:00 2007 +0900
@@ -620,7 +620,7 @@ xc_domain_dumpcore_via_callback(int xc_h
dummy_len = ROUNDUP(offset, PAGE_SHIFT) - offset; /* padding length */
offset += dummy_len;
- filesz = nr_pages * PAGE_SIZE;
+ filesz = (uint64_t)nr_pages * PAGE_SIZE;
sts = xc_core_shdr_set(shdr, strtab, XEN_DUMPCORE_SEC_PAGES, SHT_PROGBITS,
offset, filesz, PAGE_SIZE, PAGE_SIZE);
if ( sts != 0 )
_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |