scratch_alloc() set scratch_start to the last byte of the current allocation. The value of scratch_start is then reused as is (if it is already aligned) in the next allocation. This result in a potential reuse of the last byte of the previous allocation.
Signed-off-by: Anthony PERARD <anthony.per...@citrix.com> --- tools/firmware/hvmloader/util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/firmware/hvmloader/util.c b/tools/firmware/hvmloader/util.c index d779fd7..42e8af4 100644 --- a/tools/firmware/hvmloader/util.c +++ b/tools/firmware/hvmloader/util.c @@ -479,7 +479,7 @@ void *scratch_alloc(uint32_t size, uint32_t align) align = 16; s = (scratch_start + align - 1) & ~(align - 1); - e = s + size - 1; + e = s + size; BUG_ON(e < s); -- Anthony PERARD _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel