Re: [PATCH] Fix memory access errors for kexec PPC

Tue, 26 Apr 2011 23:42:36 -0700 

On 04/27/11 11:47, Simon Horman wrote:

On Wed, Apr 20, 2011 at 03:02:02PM +0530, Suzuki Poulose wrote:

Hi,

I was trying the kexec for ppc32 and came across a couple of memory errors
while running with glibc.

The attached patch is the outcome of the glibc's alerts !
We define buf[MAXBYTES-1] and issue  fread(buf, 1, MAXBYTES, file), which glibc
reports an error.

Also there is a typo in the realloc_memory_ranges() code for ppc which causes in
a double free().


Thanks,

could you please make this a formal submission by
supplying a Signed-off-by line?

I have updated the patch to use realloc instead of malloc() for memory_range.
---

Fix memory access errors for ppc

The patch fixes memory overflow errors and improper reallocation of memory 
ranges.

Signed-off-by: Suzuki K. Poulose <[email protected]>

diff --git a/kexec/arch/ppc/crashdump-powerpc.c 
b/kexec/arch/ppc/crashdump-powerpc.c
index 7bfad20..7853dbe 100644
--- a/kexec/arch/ppc/crashdump-powerpc.c
+++ b/kexec/arch/ppc/crashdump-powerpc.c
@@ -83,7 +83,7 @@ static int get_crash_memory_ranges(struct memory_range 
**range, int *ranges)
        int memory_ranges = 0;
        char device_tree[256] = "/proc/device-tree/";
        char fname[256];
-       char buf[MAXBYTES-1];
+       char buf[MAXBYTES];
        DIR *dir, *dmem;
        FILE *file;
        struct dirent *dentry, *mentry;
diff --git a/kexec/arch/ppc/kexec-ppc.c b/kexec/arch/ppc/kexec-ppc.c
index ab76d6f..96fbc12 100644
--- a/kexec/arch/ppc/kexec-ppc.c
+++ b/kexec/arch/ppc/kexec-ppc.c
@@ -192,11 +192,12 @@ static int realloc_memory_ranges(void)
        max_memory_ranges++;
        memory_range_len = sizeof(struct memory_range) * max_memory_ranges;
- memory_range = (struct memory_range *) malloc(memory_range_len); 
+       memory_range = (struct memory_range *) realloc(memory_range,
+                                                       memory_range_len);
        if (!memory_range)
                goto err;
- base_memory_range = (struct memory_range *) realloc(memory_range, 
+       base_memory_range = (struct memory_range *) realloc(base_memory_range,
                        memory_range_len);
        if (!base_memory_range)
                goto err;
@@ -319,7 +320,7 @@ static int get_devtree_details(unsigned long kexec_flags)
        unsigned long long htab_base, htab_size;
        unsigned long long kernel_end;
        unsigned long long initrd_start, initrd_end;
-       char buf[MAXBYTES-1];
+       char buf[MAXBYTES];
        char device_tree[256] = "/proc/device-tree/";
        char fname[256];
        DIR *dir, *cdir;

_______________________________________________
kexec mailing list
[email protected]
http://lists.infradead.org/mailman/listinfo/kexec

Reply via email to