From: Andreas Sommer
Subject: libxc: Question on kernel image unzipping
Date: Thu, 09 Jul 2009 13:34:38 +0100
Message-ID: <4A55E3DE.103@web.de>
To: xen-devel@lists.xensource.com

Hi,

libxc contains the following function which is used when uncompressing zipped kernel images:

/* ------------------------------------------------------------------------ */
/* read files, copy memory blocks, with transparent gunzip                  */

size_t xc_dom_check_gzip(void *blob, size_t ziplen)
{
    unsigned char *gzlen;
    size_t unziplen;

    if ( strncmp(blob, "\037\213", 2) )
        /* not gzipped */
        return 0;

    gzlen = blob + ziplen - 4;
    unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
    if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
    {
        xc_dom_printf
            ("%s: size (zip %zd, unzip %zd) looks insane, skip gunzip\n",
             __FUNCTION__, ziplen, unziplen);
        return 0;
    }

    return unziplen + 16;
}



The returned unziplen+16 is used for the size of the destination buffer given to inflate. But it is then also written to the kernel_size attribute of the xc_dom_image struct. Hence kernel_size does not contain the uncompressed kernel size but that plus 16.
So why do you always add 16 bytes to the real uncompressed kernel size?? That doesn't make much sense to me but I need to know it because it is related to my current work.

Thanks in advance.

P.S.: Anybody heard of "code documentation"? ;-)

From: Keir Fraser
Subject: Re: libxc: Question on kernel image unzipping
Date: Thu, 09 Jul 2009 14:53:28 +0100
In-Reply-To: <4A55E3DE.103@web.de>
To: Andreas Sommer, "xen-devel@lists.xensource.com"
Cc: Gerd Hoffmann

On 09/07/2009 13:34, "Andreas Sommer" wrote:

> libxc contains the following function which is used when uncompressing zipped
> kernel images:
> size_t xc_dom_check_gzip(void *blob, size_t ziplen)
> {
> ...
> return unziplen + 16;
> }
> The returned unziplen+16 is used for the size of the destination buffer given
> to inflate. But it is then also written to the kernel_size attribute of the
> xc_dom_image struct. Hence kernel_size does not contain the uncompressed
> kernel size but that plus 16.
> So why do you always add 16 bytes to the real uncompressed kernel size?? That
> doesn't make much sense to me but I need to know it because it is related to
> my current work.

Gerd Hoffmann would be the person to ask. The +16 doesn't appear to me to
have any purpose.

-- Keir

From: Gerd Hoffmann
Subject: Re: libxc: Question on kernel image unzipping
Date: Thu, 09 Jul 2009 16:03:43 +0200
Message-ID: <4A55F8BF.9030101@redhat.com>
To: Keir Fraser
Cc: Andreas Sommer, "xen-devel@lists.xensource.com"

On 07/09/09 15:53, Keir Fraser wrote:
> On 09/07/2009 13:34, "Andreas Sommer" wrote:
>
>> libxc contains the following function which is used when uncompressing zipped
>> kernel images:
>> size_t xc_dom_check_gzip(void *blob, size_t ziplen)
>> {
>> ...
>> return unziplen + 16;
>> }
>> The returned unziplen+16 is used for the size of the destination buffer given
>> to inflate. But it is then also written to the kernel_size attribute of the
>> xc_dom_image struct. Hence kernel_size does not contain the uncompressed
>> kernel size but that plus 16.
>> So why do you always add 16 bytes to the real uncompressed kernel size?? That
>> doesn't make much sense to me but I need to know it because it is related to
>> my current work.
>
> Gerd Hoffmann would be the person to ask. The +16 doesn't appear to me to
> have any purpose.

Oh, has been quite a while. IIRC that is related to zlib needing some
extra space. So I *think* you can drop it there to get a correct
kernel_size, but then you'll have to care somewhere else (probably when
allocating the unzip target buffer) about the 16 extra bytes to make
sure zlib doesn't overrun the buffer. But better double-check that ...

cheers,
  Gerd
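
The separation suggested in the last reply, as an added example that is not libxc code and was not posted by anyone in the thread: one helper returns the size claimed by the gzip trailer, and a second one adds the slack only when sizing the inflate target. The names gz_claimed_size, gz_target_buflen and UNZIP_SLACK are hypothetical, the sample bytes are constructed, and the value 16 is simply carried over from the quoted code; whether zlib needs it is not established in the thread.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GZ_MIN_LEN   18u                      /* 10-byte header + 8-byte trailer */
#define GZ_MAX_UNZIP (1024u * 1024u * 1024u)  /* same 1GB limit as the quoted code */
#define UNZIP_SLACK  16u                      /* the thread's +16, kept out of the size */

/* Constructed samples: only the magic bytes and the 4-byte ISIZE trailer matter. */
static const unsigned char sample_gz[] = {
    0x1f, 0x8b, 0x08, 0, 0, 0, 0, 0, 0, 0x03,   /* gzip header */
    0x03, 0x00, 0, 0, 0, 0,                     /* deflate data, CRC32 */
    0x00, 0x10, 0x00, 0x00 };                   /* ISIZE = 4096, little-endian */
static const unsigned char sample_big[] = {
    0x1f, 0x8b, 0x08, 0, 0, 0, 0, 0, 0, 0x03,
    0x03, 0x00, 0, 0, 0, 0,
    0x00, 0x00, 0x00, 0x80 };                   /* ISIZE = 2GB, over the limit */

/* Hypothetical helper: 0 on success, claimed uncompressed size in *unziplen. */
int gz_claimed_size(const void *blob, size_t ziplen, size_t *unziplen)
{
    const unsigned char *p = blob;
    uint32_t isize;
    if (ziplen < GZ_MIN_LEN)              /* too short for header + trailer */
        return -1;
    if (p[0] != 0x1f || p[1] != 0x8b)     /* not gzipped */
        return -1;
    p += ziplen - 4;
    /* Casts keep the shifts unsigned; a top byte >= 0x80 cannot go negative. */
    isize = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
            (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    if (isize > GZ_MAX_UNZIP)
        return -1;
    *unziplen = isize;                    /* real size, no slack mixed in */
    return 0;
}

/* Hypothetical helper: the slack is added only when sizing the target buffer. */
size_t gz_target_buflen(size_t unziplen) { return unziplen + UNZIP_SLACK; }

int main(void)
{
    size_t n = 0;
    if (gz_claimed_size(sample_gz, sizeof sample_gz, &n) == 0)
        printf("kernel_size=%zu buffer=%zu\n", n, gz_target_buflen(n));
    printf("oversized rejected: %d\n",
           gz_claimed_size(sample_big, sizeof sample_big, &n) == -1);
    return 0;
}
```

The trailer value comes from the file itself and is the uncompressed length modulo 2^32, so the inflate call still has to be bounded by the allocated buffer length rather than by this number.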