Hi,

libxc contains the following function which is used when uncompressing zipped kernel images:

/* ------------------------------------------------------------------------ */
/* read files, copy memory blocks, with transparent gunzip                  */

size_t xc_dom_check_gzip(void *blob, size_t ziplen)
{
    unsigned char *gzlen;
    size_t unziplen;

    if ( strncmp(blob, "\037\213", 2) )
        /* not gzipped */
        return 0;

    gzlen = blob + ziplen - 4;
    unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
    if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
    {
        xc_dom_printf
            ("%s: size (zip %zd, unzip %zd) looks insane, skip gunzip\n",
             __FUNCTION__, ziplen, unziplen);
        return 0;
    }

    return unziplen + 16;
}


The returned unziplen+16 is used for the size of the destination buffer given to inflate. But it is then also written to the kernel_size attribute of the xc_dom_image struct. Hence kernel_size does not contain the uncompressed kernel size but that plus 16.
So why do you always add 16 bytes to the real uncompressed kernel size?? That doesn't make much sense to me but I need to know it because it is related to my current work.

Thanks in advance.

P.S.: Anybody heard of "code documentation"? ;-)