[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 1/2] libxc: Don't write terminating NULL character to command string



On 05/01/2016 22:59, Boris Ostrovsky wrote:
> On 01/05/2016 05:42 PM, Andrew Cooper wrote:
>> On 05/01/2016 22:26, Boris Ostrovsky wrote:
>>> When copying boot command string for HVMlite guests we explicitly write
>>> '\0' at MAX_GUEST_CMDLINE offset. Unless the string is close to
>>> MAX_GUEST_CMDLINE in length this write will end up in the wrong place,
>>> beyond the end of the mapped range.
>>>
>>> Instead we should test string's length early and error out if it is too
>>> long.
>>>
>>> Signed-off-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
>> MAX_GUEST_CMDLINE is an arbitrary and incorrect restriction.  It is
>> sadly baked into the PV ABI, but I specifically want to avoid lumbering
>> DMLite with the failings of PV.
>>
>> By the looks of it, the only bug is the use of MAX_GUEST_CMDLINE.  The
>> xc_map_foreign_range() call already accounts for sufficient space to
>> store the string when mapping guest memory.
>
> Yes, I was also thinking about dropping it but ended up keeping it
> mostly because it didn't feel right to blindly use strcpy().

Possibly add a comment explaining that the length has already been
checked, and that sufficient space has been allocated, if that helps? 
One way or another, the use of strcpy() here is correct.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.