
Re: [Xen-devel] [PATCH] tools/xl: Fix segfaults from `xl psr-cat-cbm-set` command line handling



Andrew Cooper writes ("[PATCH] tools/xl: Fix segfaults from `xl 
psr-cat-cbm-set` command line handling"):
> The socket option takes a mandatory argument.  Mark it as such, so
> optarg isn't NULL when passed to trim(), which unconditionally
> dereferences it.
> 
> Range check optind against argc before blindly assuming that
> argv[optind] and argv[optind+1] exist.

Acked-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>

> I started doing an audit of xl's command line handling, but got to the
> very first command (memmax) and found another segfault because of
> blindly assuming that argv[optind + 1] was available.
> 
> I fixed this example as I happened to use the command, but I currently
> lack the time to do a complete audit.  IMO, a full audit should be a
> blocker for 4.6, especially given the nature of XSA-137

Yes.  See also the 0/ message for my other fixes in this area.  (I
mention this since what I did was part of such an audit but probably
not a complete one.)

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 

