From mboxrd@z Thu Jan  1 00:00:00 1970
From: Anthony Liguori <aliguori@us.ibm.com>
Subject: Re: [Xen-changelog] Correct buffer->size at the same
 time as	buffer->capacity when shrinking down a
Date: Thu, 17 Nov 2005 11:38:05 -0600
Message-ID: <437CBFFD.7020007@us.ibm.com>
References: <E1EcmDE-000875-Pm@xenbits.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <E1EcmDE-000875-Pm@xenbits.xensource.com>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: xen-devel@lists.xensource.com
Cc: Dan Smith <danms@us.ibm.com>
List-Id: xen-devel@lists.xenproject.org

Thanks Ewan, Dan and I were banging our heads on this one.

Good Catch!

Regards,

Anthony Liguori

Xen patchbot -unstable wrote:

># HG changeset patch
># User emellor@leeni.uk.xensource.com
># Node ID 418954da5c0f58bc856893f3850b0d97deb143ec
># Parent  3f39f030fa894d29d04b748513bf48000d6a17f5
>Correct buffer->size at the same time as buffer->capacity when shrinking down a
>buffer that has grown beyond max_capacity.  This fixes a Xenconsoled segfault
>that was caused by stomping around above the buffer's allocated region.  It
>became possible to set the max_capacity with changeset 7431, and ever
>since then we have been exposed to this bug.  It would most easily be triggered
>by running a domain without a client attached to the console, so that the
>max_capacity was reached more easily.
>
>Closes bug #380.
>
>Signed-off-by: Ewan Mellor <ewan@xensource.com>
>
>diff -r 3f39f030fa89 -r 418954da5c0f tools/console/daemon/io.c
>--- a/tools/console/daemon/io.c	Wed Nov 16 19:33:23 2005
>+++ b/tools/console/daemon/io.c	Thu Nov 17 11:59:12 2005
>@@ -114,7 +114,7 @@
> 			buffer->data, buffer->max_capacity);
> 		buffer->data = realloc(buffer->data,
> 				       buffer->max_capacity);
>-		buffer->capacity = buffer->max_capacity;
>+		buffer->size = buffer->capacity = buffer->max_capacity;
> 	}
> }
> 
>
>_______________________________________________
>Xen-changelog mailing list
>Xen-changelog@lists.xensource.com
>http://lists.xensource.com/xen-changelog
>
>  
>