| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <50F5684F02000078000B5CC1@nat28.tlf.novell.com>
Date: Tue, 15 Jan 2013 13:31:43 +0000
From: "Jan Beulich" <JBeulich@...e.com>
To: "Konrad Rzeszutek Wilk" <konrad.wilk@...cle.com>
Cc: "xen-devel" <xen-devel@...ts.xen.org>,
<linux-kernel@...r.kernel.org>
Subject: [PATCH] Xen: properly bound buffer access when parsing
cpu/*/availability
At the same time reduce the local buffers to 16 bytes each.
Signed-off-by: Jan Beulich <jbeulich@...e.com>
--- a/drivers/xen/cpu_hotplug.c
+++ b/drivers/xen/cpu_hotplug.c
@@ -25,10 +25,10 @@ static void disable_hotplug_cpu(int cpu)
static int vcpu_online(unsigned int cpu)
{
int err;
- char dir[32], state[32];
+ char dir[16], state[16];
sprintf(dir, "cpu/%u", cpu);
- err = xenbus_scanf(XBT_NIL, dir, "availability", "%s", state);
+ err = xenbus_scanf(XBT_NIL, dir, "availability", "%15s", state);
if (err != 1) {
if (!xen_initial_domain())
printk(KERN_ERR "XENBUS: Unable to read cpu state\n");
View attachment "xen-vcpu-availability-field-width.patch" of type "text/plain" (684 bytes)
Powered by blists - more mailing lists