>>> On 30.06.16 at 17:04, <anthony.per...@citrix.com> wrote:
> On Mon, Jun 27, 2016 at 01:13:43AM -0600, Jan Beulich wrote:
>> >>> On 24.06.16 at 19:02, <anthony.per...@citrix.com> wrote:
>> > On Fri, Jun 24, 2016 at 01:33:45AM -0600, Jan Beulich wrote:
>> >> >>> On 22.06.16 at 19:15, <anthony.per...@citrix.com> wrote:
>> >> > +    for ( i = 0; i < info->nr_modules; i++ )
>> >> > +    {
>> >> > +        uint32_t module_name = modlist[i].cmdline_paddr;
>> >> > +
>> >> > +        /* Skip if the module or its cmdline is missing. */
>> >> > +        if ( !module_name || !modlist[i].paddr )
>> >> > +            continue;
>> >> > +
>> >> > +        /* Skip if the cmdline can not be read. */
>> >> > +        if ( modlist[i].cmdline_paddr > UINT_MAX )
>> >> > +            continue;
>> >> 
>> >> Similarly here.
>> > 
>> > Here, I don't know the size of the cmdline and I don't think calling an
>> > extra strlen() would be usefull. I think that the strcmp() below is going 
>> > to
>> > be enough for the top bondary check.
>> 
>> No - once you reach the 4Gb boundary, the compare would continue
>> at address zero. That's not what you want.
>> > Or I could use the size of name.
>> 
>> Size of name?
> 
> The function get_module_entry() takes an argument called "name", I think
> I was proposing to use that, strlen(name).
> 
> So, I'm going to add this condition:
> (cmdline_paddr + strlen(name) > UINTPTR_MAX)
> name is the string we are going to compare cmdline to. I think that
> will be enough to do a full check of the module cmdline.

Makes sense.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Reply via email to