[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer

To: Jan Beulich <JBeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxx>
Date: Tue, 9 Apr 2019 11:31:40 +0100
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 09 Apr 2019 10:31:50 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi,

On 03/04/2019 08:59, Jan Beulich wrote:

On 02.04.19 at 19:49, <andrew.cooper3@xxxxxxxxxx> wrote:

On 02/04/2019 17:42, Julien Grall wrote:

diff --git a/xen/arch/arm/early_printk.c b/xen/arch/arm/early_printk.c
index 97466a12b1..35a47c7229 100644
--- a/xen/arch/arm/early_printk.c
+++ b/xen/arch/arm/early_printk.c
@@ -17,9 +17,10 @@
  void early_putch(char c);
  void early_flush(void);

-void early_puts(const char *s)

+void early_puts(const char *s, unsigned int nr)


size_t here and elsewhere please, because...

@@ -666,16 +664,16 @@ static bool_t console_locks_busted;

static void __putstr(const char *str)

  {
+    size_t len = strlen(str);
+
      ASSERT(spin_is_locked(&console_lock));

- sercon_puts(str);

-    video_puts(str);
+    sercon_puts(str, len);
+    video_puts(str, len);


... this introduces a truncation bug for 64bit builds.

I don't expect a 4G buffer to be passed, but it is not worth introducing
the possibility for such a subtle bug in the first place.


I don't entirely object to what you say, but I also don't think
running into a truncation situation here would be an actual
problem: Consider how long it would take to get out such a
giant string, not to speak of it going to wrap our internal ring
buffers many times. Looking at it from that angle, truncation
may actually beneficial here;

Truncation could be done explicitly in *_puts functions if necessary. So I willswitch to size_t as suggested by Andrew.

"len" may want to be unsigned int
as well then. do_console_io()'s "count" is "int" as well (should
really be "unsigned int" imo, just like "cmd").


I will look at writing a patch to switch do_console_io() to unsigned int.

Cheers,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- [Xen-devel] [PATCH 0/4] xen/console: Bug fixes and doc improvement
  - From: Julien Grall
- [Xen-devel] [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer
  - From: Julien Grall
- Re: [Xen-devel] [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH] x86/hvm: Fix altp2m_op hypercall continuations
Next by Date: Re: [Xen-devel] [PATCH v2 00/31] Specific platform to run OVMF in Xen PVH and HVM guests
Previous by thread: Re: [Xen-devel] [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer
Next by thread: Re: [Xen-devel] [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.