* [PATCH] Fix memory errors on ppc
@ 2011-04-27 10:08 Suzuki Poulose
2011-04-27 12:05 ` Simon Horman
0 siblings, 1 reply; 3+ messages in thread
From: Suzuki Poulose @ 2011-04-27 10:08 UTC (permalink / raw)
To: Simon Horman; +Cc: kexec@lists.infradead.org
Fix memory errors on ppc
Fixes buffer overflow and improper realloc() in realloc_memory_ranges().
Signed-off-by: Suzuki K. Poulose <suzuki@in.ibm.com>
diff --git a/kexec/arch/ppc/crashdump-powerpc.c b/kexec/arch/ppc/crashdump-powerpc.c
index eb82122..371137c 100644
--- a/kexec/arch/ppc/crashdump-powerpc.c
+++ b/kexec/arch/ppc/crashdump-powerpc.c
@@ -79,7 +79,7 @@ static int get_crash_memory_ranges(struct memory_range **range, int *ranges)
int memory_ranges = 0;
char device_tree[256] = "/proc/device-tree/";
char fname[256];
- char buf[MAXBYTES-1];
+ char buf[MAXBYTES];
DIR *dir, *dmem;
FILE *file;
struct dirent *dentry, *mentry;
diff --git a/kexec/arch/ppc/kexec-ppc.c b/kexec/arch/ppc/kexec-ppc.c
index ab76d6f..96fbc12 100644
--- a/kexec/arch/ppc/kexec-ppc.c
+++ b/kexec/arch/ppc/kexec-ppc.c
@@ -192,11 +192,12 @@ static int realloc_memory_ranges(void)
max_memory_ranges++;
memory_range_len = sizeof(struct memory_range) * max_memory_ranges;
- memory_range = (struct memory_range *) malloc(memory_range_len);
+ memory_range = (struct memory_range *) realloc(memory_range,
+ memory_range_len);
if (!memory_range)
goto err;
- base_memory_range = (struct memory_range *) realloc(memory_range,
+ base_memory_range = (struct memory_range *) realloc(base_memory_range,
memory_range_len);
if (!base_memory_range)
goto err;
@@ -319,7 +320,7 @@ static int get_devtree_details(unsigned long kexec_flags)
unsigned long long htab_base, htab_size;
unsigned long long kernel_end;
unsigned long long initrd_start, initrd_end;
- char buf[MAXBYTES-1];
+ char buf[MAXBYTES];
char device_tree[256] = "/proc/device-tree/";
char fname[256];
DIR *dir, *cdir;
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH] Fix memory errors on ppc
@ 2011-04-27 10:08 Suzuki Poulose
0 siblings, 0 replies; 3+ messages in thread
From: Suzuki Poulose @ 2011-04-27 10:08 UTC (permalink / raw)
To: kexec
Fixes buffer overflow and improper realloc() in realloc_memory_ranges().
Signed-off-by: Suzuki K. Poulose <suzuki@in.ibm.com>
(manually applied)
Signed-off-by: Simon Horman <horms@verge.net.au>
---
kexec/arch/ppc/crashdump-powerpc.c | 2 +-
kexec/arch/ppc/kexec-ppc.c | 7 ++++---
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/kexec/arch/ppc/crashdump-powerpc.c b/kexec/arch/ppc/crashdump-powerpc.c
index eb82122..371137c 100644
--- a/kexec/arch/ppc/crashdump-powerpc.c
+++ b/kexec/arch/ppc/crashdump-powerpc.c
@@ -79,7 +79,7 @@ static int get_crash_memory_ranges(struct memory_range **range, int *ranges)
int memory_ranges = 0;
char device_tree[256] = "/proc/device-tree/";
char fname[256];
- char buf[MAXBYTES-1];
+ char buf[MAXBYTES];
DIR *dir, *dmem;
FILE *file;
struct dirent *dentry, *mentry;
diff --git a/kexec/arch/ppc/kexec-ppc.c b/kexec/arch/ppc/kexec-ppc.c
index ab76d6f..db00b96 100644
--- a/kexec/arch/ppc/kexec-ppc.c
+++ b/kexec/arch/ppc/kexec-ppc.c
@@ -192,11 +192,12 @@ static int realloc_memory_ranges(void)
max_memory_ranges++;
memory_range_len = sizeof(struct memory_range) * max_memory_ranges;
- memory_range = (struct memory_range *) malloc(memory_range_len);
+ memory_range = (struct memory_range *) realloc(memory_range,
+ memory_range_len);
if (!memory_range)
goto err;
- base_memory_range = (struct memory_range *) realloc(memory_range,
+ base_memory_range = (struct memory_range *) realloc(base_memory_range,
memory_range_len);
if (!base_memory_range)
goto err;
@@ -319,7 +320,7 @@ static int get_devtree_details(unsigned long kexec_flags)
unsigned long long htab_base, htab_size;
unsigned long long kernel_end;
unsigned long long initrd_start, initrd_end;
- char buf[MAXBYTES-1];
+ char buf[MAXBYTES];
char device_tree[256] = "/proc/device-tree/";
char fname[256];
DIR *dir, *cdir;
--
1.7.4.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] Fix memory errors on ppc
2011-04-27 10:08 [PATCH] Fix memory errors on ppc Suzuki Poulose
@ 2011-04-27 12:05 ` Simon Horman
0 siblings, 0 replies; 3+ messages in thread
From: Simon Horman @ 2011-04-27 12:05 UTC (permalink / raw)
To: Suzuki Poulose; +Cc: kexec@lists.infradead.org
On Wed, Apr 27, 2011 at 03:38:49PM +0530, Suzuki Poulose wrote:
> Fix memory errors on ppc
>
> Fixes buffer overflow and improper realloc() in realloc_memory_ranges().
>
> Signed-off-by: Suzuki K. Poulose <suzuki@in.ibm.com>
Thanks.
For some reason I still had trouble applying your patch,
so I applied it manually. I have pushed the following:
From 806ef8870539a6c74a2a98188d0207a038b16f77 Mon Sep 17 00:00:00 2001
From: Suzuki Poulose <suzuki@in.ibm.com>
Date: Wed, 27 Apr 2011 15:38:49 +0530
Subject: [PATCH] Fix memory errors on ppc
Fixes buffer overflow and improper realloc() in realloc_memory_ranges().
Signed-off-by: Suzuki K. Poulose <suzuki@in.ibm.com>
(manually applied)
Signed-off-by: Simon Horman <horms@verge.net.au>
---
kexec/arch/ppc/crashdump-powerpc.c | 2 +-
kexec/arch/ppc/kexec-ppc.c | 7 ++++---
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/kexec/arch/ppc/crashdump-powerpc.c b/kexec/arch/ppc/crashdump-powerpc.c
index eb82122..371137c 100644
--- a/kexec/arch/ppc/crashdump-powerpc.c
+++ b/kexec/arch/ppc/crashdump-powerpc.c
@@ -79,7 +79,7 @@ static int get_crash_memory_ranges(struct memory_range **range, int *ranges)
int memory_ranges = 0;
char device_tree[256] = "/proc/device-tree/";
char fname[256];
- char buf[MAXBYTES-1];
+ char buf[MAXBYTES];
DIR *dir, *dmem;
FILE *file;
struct dirent *dentry, *mentry;
diff --git a/kexec/arch/ppc/kexec-ppc.c b/kexec/arch/ppc/kexec-ppc.c
index ab76d6f..db00b96 100644
--- a/kexec/arch/ppc/kexec-ppc.c
+++ b/kexec/arch/ppc/kexec-ppc.c
@@ -192,11 +192,12 @@ static int realloc_memory_ranges(void)
max_memory_ranges++;
memory_range_len = sizeof(struct memory_range) * max_memory_ranges;
- memory_range = (struct memory_range *) malloc(memory_range_len);
+ memory_range = (struct memory_range *) realloc(memory_range,
+ memory_range_len);
if (!memory_range)
goto err;
- base_memory_range = (struct memory_range *) realloc(memory_range,
+ base_memory_range = (struct memory_range *) realloc(base_memory_range,
memory_range_len);
if (!base_memory_range)
goto err;
@@ -319,7 +320,7 @@ static int get_devtree_details(unsigned long kexec_flags)
unsigned long long htab_base, htab_size;
unsigned long long kernel_end;
unsigned long long initrd_start, initrd_end;
- char buf[MAXBYTES-1];
+ char buf[MAXBYTES];
char device_tree[256] = "/proc/device-tree/";
char fname[256];
DIR *dir, *cdir;
--
1.7.4.1
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-04-27 12:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-04-27 10:08 [PATCH] Fix memory errors on ppc Suzuki Poulose
2011-04-27 12:05 ` Simon Horman
-- strict thread matches above, loose matches on Subject: below --
2011-04-27 10:08 Suzuki Poulose
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.