[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v7 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, to}_guest for a buffer not big enough an error.

To: Xen-devel <xen-devel@xxxxxxxxxxxxx>
From: <jennifer.herbert@xxxxxxxxxx>
Date: Fri, 21 Apr 2017 13:15:42 +0000
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Paul Durrant <paul.durrant@xxxxxxxxxx>, Jennifer Herbert <Jennifer.Herbert@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>
Delivery-date: Fri, 21 Apr 2017 13:16:07 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

From: Jennifer Herbert <jennifer.herbert@xxxxxxxxxx>

This makes copying to or from a buf that isn't big enough an error.
If the buffer isnt big enough, trying to carry on regardless
can only cause trouble later on.

Signed-off-by: Jennifer Herbert <Jennifer.Herbert@xxxxxxxxxx>
--
CC: Paul Durrant <paul.durrant@xxxxxxxxxx>
CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CC: Jan Beulich <JBeulich@xxxxxxxx>
CC: Julien Grall <julien.grall@xxxxxxx>
---
This patch takes the behaviour change part of patch the previouse
[patch 2/4].
---
 xen/arch/x86/hvm/dm.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/xen/arch/x86/hvm/dm.c b/xen/arch/x86/hvm/dm.c
index e583e41..63aa46c 100644
--- a/xen/arch/x86/hvm/dm.c
+++ b/xen/arch/x86/hvm/dm.c
@@ -36,30 +36,32 @@ static bool copy_buf_from_guest(const xen_dm_op_buf_t 
bufs[],
                                 unsigned int nr_bufs, void *dst,
                                 unsigned int idx, size_t dst_size)
 {
-    size_t size;
+    size_t buf_bytes;
 
     if ( idx >= nr_bufs )
         return false;
 
-    memset(dst, 0, dst_size);
-
-    size = min_t(size_t, dst_size, bufs[idx].size);
+    buf_bytes = bufs[idx].size;
+    if ( dst_size > buf_bytes )
+        return false;
 
-    return !copy_from_guest(dst, bufs[idx].h, size);
+    return !copy_from_guest(dst, bufs[idx].h, buf_bytes);
 }
 
 static bool copy_buf_to_guest(const xen_dm_op_buf_t bufs[],
                               unsigned int nr_bufs, unsigned int idx,
                               const void *src, size_t src_size)
 {
-    size_t size;
+    size_t buf_bytes;
 
     if ( idx >= nr_bufs )
         return false;
 
-    size = min_t(size_t, bufs[idx].size, src_size);
+    buf_bytes = bufs[idx].size;
+    if ( src_size > buf_bytes )
+        return false;
 
-    return !copy_to_guest(bufs[idx].h, src, size);
+    return !copy_to_guest(bufs[idx].h, src, buf_bytes);
 }
 
 static int track_dirty_vram(struct domain *d, xen_pfn_t first_pfn,
-- 
2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v7 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, to}_guest for a buffer not big enough an error.
  - From: Paul Durrant

References:
- [Xen-devel] [PATCH v7 for-4.9 1/5] hvm/dmop: Box dmop_args rather than passing multiple parameters around
  - From: jennifer.herbert

Prev by Date: [Xen-devel] [PATCH v7 for-4.9 5/5] dmop: Add xendevicemodel_modified_memory_bulk()
Next by Date: Re: [Xen-devel] [PATCH v7 for-4.9 1/5] hvm/dmop: Box dmop_args rather than passing multiple parameters around
Previous by thread: [Xen-devel] [PATCH v7 for-4.9 5/5] dmop: Add xendevicemodel_modified_memory_bulk()
Next by thread: Re: [Xen-devel] [PATCH v7 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, to}_guest for a buffer not big enough an error.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.