[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Hazardous memset/memcpy idiom (was Re: [PATCH] x86: fix null pointer dereference in intel_get_extended_msrs())

To: Jan Beulich <JBeulich@xxxxxxxx>, Stefano Stabellini <Stefano.Stabellini@xxxxxxxxxxxxx>, Keir Fraser <keir.xen@xxxxxxxxx>, "Tim (Xen.org)" <tim@xxxxxxx>
From: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Date: Tue, 26 Feb 2013 17:08:34 +0000
Cc: Xi Wang <xi@xxxxxxx>, xen-devel@xxxxxxxxxxxxx
Delivery-date: Tue, 26 Feb 2013 17:08:51 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Xi Wang writes ("[Xen-devel] [PATCH] x86: fix null pointer dereference in 
intel_get_extended_msrs()"):
> `memset(&mc_ext, 0, ...)' leads to a buffer overflow and a subsequent
> null pointer dereference.  Replace `&mc_ext' with `mc_ext'.

Really I think we shouldn't be writing out these kind of memsets.
They're too error-prone.  We should have a macro, perhaps like this:

  #define FILLZERO(object) memset(&(object), 0, sizeof(object))

Likewise a copy macro.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- [Xen-devel] Hazardous memset/memcpy idiom (was Re: [PATCH] x86: fix null pointer dereference in intel_get_extended_msrs())
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH] x86: fix null pointer dereference in intel_get_extended_msrs()
  - From: Xi Wang

Prev by Date: Re: [Xen-devel] [PATCH to X86 PV MMU Wiki v2] Expand th e bootup section to include ELF and memory layout
Next by Date: Re: [Xen-devel] [PATCH v2] tools: Improve make deb
Previous by thread: [Xen-devel] [PATCH] x86: fix null pointer dereference in intel_get_extended_msrs()
Next by thread: [Xen-devel] Hazardous memset/memcpy idiom (was Re: [PATCH] x86: fix null pointer dereference in intel_get_extended_msrs())
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.