[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH] tools/xenstored: Fix off-by-one in dump_state_nodes()
On 29.07.21 11:34, Julien Grall wrote: From: Julien Grall <jgrall@xxxxxxxxxx> The maximum path length supported by Xenstored protocol is XENSTORE_ABS_PATH_MAX (i.e 3072). This doesn't take into account the NUL at the end of the path. However, the code to dump the nodes will allocate a buffer of XENSTORE_ABS_PATH. As a result it may not be possible to live-update if there is a node name of XENSTORE_ABS_PATH. Fix it by allocating a buffer of XENSTORE_ABS_PATH_MAX + 1 characters. Take the opportunity to pass the max length of the buffer as a parameter of dump_state_node_tree(). This will be clearer that the check in the function is linked to the allocation in dump_state_nodes(). Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx> Reviewed-by: Juergen Gross <jgross@xxxxxxxx> --- This was spotted when backporting Live-Update to 4.11 because the commit 924bf8c793 "tools/xenstore: rework path length check" is not present. On the latest upstream, this is looks more a latent bug because I didn't manage to create such large node. Yes, the path length is limited to "/local/domain/<id>/" + the max relative path length. Juergen Attachment:
OpenPGP_0xB0DE9DD628BF132F.asc Attachment:
OpenPGP_signature
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |