This is more robust than the raw xmalloc_bytes().

Also add a sanity check on the input page range.

Signed-off-by: Jan Beulich <jbeul...@suse.com>

--- a/xen/common/sysctl.c
+++ b/xen/common/sysctl.c
@@ -187,13 +187,17 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe
         uint32_t *status, *ptr;
         mfn_t mfn;
 
+        ret = -EINVAL;
+        if ( op->u.page_offline.end < op->u.page_offline.start )
+            break;
+
         ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd);
         if ( ret )
             break;
 
-        ptr = status = xmalloc_bytes( sizeof(uint32_t) *
-                                (op->u.page_offline.end -
-                                  op->u.page_offline.start + 1));
+        ptr = status = xmalloc_array(uint32_t,
+                                     (op->u.page_offline.end -
+                                      op->u.page_offline.start + 1));
         if ( !status )
         {
             dprintk(XENLOG_WARNING, "Out of memory for page offline op\n");
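Review bot: The element count `end - start + 1` passed to xmalloc_array() can still wrap to zero after the new `end < start` check, when `start` is 0 and `end` is the field's maximum value. This assumes both fields are unsigned and at least int-wide, since their declarations are not in the hunk. The robustness gained from xmalloc_array() is presumably its overflow check on count times element size, which does not cover a `+ 1` computed by the caller, so a zero-length request may reach the allocator and later be indexed by the code that fills `status`. Consider extending the sanity check to `if ( op->u.page_offline.end < op->u.page_offline.start || op->u.page_offline.end - op->u.page_offline.start + 1 == 0 )`, or bounding `end` against the highest valid page number before allocating, which would also cap the caller-controlled allocation size. The enclosing case block starts before and continues past this hunk.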

