[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 4/8] libelf: loop safety: Call elf_iter_ok_counted at every *mem*_unsafe
When we use elf_mem*_unsafe, we need to check that we are not doing too much work. Ensure that a call to elf_iter_ok_counted is near every call to elf_mem*_unsafe. (At one call site, just have a comment instead.) Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> --- xen/common/libelf/libelf-dominfo.c | 1 + xen/common/libelf/libelf-loader.c | 2 +- xen/common/libelf/libelf-tools.c | 6 ++++-- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/xen/common/libelf/libelf-dominfo.c b/xen/common/libelf/libelf-dominfo.c index b139e32..87a47d9 100644 --- a/xen/common/libelf/libelf-dominfo.c +++ b/xen/common/libelf/libelf-dominfo.c @@ -498,6 +498,7 @@ elf_errorstatus elf_xen_parse(struct elf_binary *elf, unsigned total_note_count = 0; elf_memset_unchecked(parms, 0, sizeof(*parms)); + elf_iter_ok_counted(elf, sizeof(*parms)); parms->virt_base = UNSET_ADDR; parms->virt_entry = UNSET_ADDR; parms->virt_hypercall = UNSET_ADDR; diff --git a/xen/common/libelf/libelf-loader.c b/xen/common/libelf/libelf-loader.c index 68c9021..d5e51d3 100644 --- a/xen/common/libelf/libelf-loader.c +++ b/xen/common/libelf/libelf-loader.c @@ -46,7 +46,7 @@ elf_errorstatus elf_init(struct elf_binary *elf, const char *image_input, size_t return -1; } - elf_memset_unchecked(elf, 0, sizeof(*elf)); + elf_memset_unchecked(elf, 0, sizeof(*elf)); /* loop safety: singleton */ elf->image_base = image_input; elf->size = size; elf->ehdr = ELF_MAKE_HANDLE(elf_ehdr, (elf_ptrval)image_input); diff --git a/xen/common/libelf/libelf-tools.c b/xen/common/libelf/libelf-tools.c index 56dab63..ab83150 100644 --- a/xen/common/libelf/libelf-tools.c +++ b/xen/common/libelf/libelf-tools.c @@ -69,7 +69,8 @@ void elf_memcpy_safe(struct elf_binary *elf, elf_ptrval dst, elf_ptrval src, size_t size) { if ( elf_access_ok(elf, dst, size) && - elf_access_ok(elf, src, size) ) + elf_access_ok(elf, src, size) && + elf_iter_ok_counted(elf, size) ) { /* use memmove because these checks do not prove that the * regions don't overlap and overlapping regions grant @@ -80,7 +81,8 @@ void elf_memcpy_safe(struct elf_binary *elf, elf_ptrval dst, void elf_memset_safe(struct elf_binary *elf, elf_ptrval dst, int c, size_t size) { - if ( elf_access_ok(elf, dst, size) ) + if ( elf_access_ok(elf, dst, size) && + elf_iter_ok_counted(elf, size)) { elf_memset_unchecked(ELF_UNSAFE_PTR(dst), c, size); } -- 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |