author Keir Fraser <keir.fraser@citrix.com> 2010-08-13 08:52:08 +0100
committer Keir Fraser <keir.fraser@citrix.com> 2010-08-13 08:52:08 +0100
commit 0bd549240b0f6fed6ede3a349c11fa7adb14acc1 (patch)
tree ea33739a8972c69a36163836ea2d85bfffe46251
parent 70aaae402504b60f713ad07d5d95c5d0c83862d4 (diff)
xc: fix segfault in pv domain create if kernel is an invalid image
If libelf calls elf_err() or elf_msg() before elf_set_log() has been called then it could potentially read an uninitialised log handling callback function pointer from struct elf_binary. Fix this in libxc by zeroing the structure before calling elf_init().

Signed-off-by: Gianni Tedesco <gianni.tedesco@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
xen-unstable changeset: 1d67dd785ef4
xen-unstable date: Mon Aug 09 17:43:18 2010 +0100

-rw-r--r-- tools/libxc/xc_hvm_build.c 1
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/libxc/xc_hvm_build.c b/tools/libxc/xc_hvm_build.c
index c460d97e17..c7a333e85c 100644
--- a/tools/libxc/xc_hvm_build.c
+++ b/tools/libxc/xc_hvm_build.c
@@ -127,6 +127,7 @@ static int setup_guest(int xc_handle,
if ( memsize > target )
pod_mode = 1;
+ memset(&elf, 0, sizeof(elf));
if ( elf_init(&elf, image, image_size) != 0 )
goto error_out;
elf_parse_binary(&elf);
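Review bot: The memset() added before elf_init() in setup_guest() protects only this call site; any other caller that hands elf_init() an uninitialised struct elf_binary still leaves the log callback pointer undefined if elf_err() or elf_msg() runs before elf_set_log(). Clearing the structure, or at least the log callback field, inside elf_init() itself would cover every caller without relying on each one to remember the memset. Separately, the subject line says "pv domain create" while the change is in tools/libxc/xc_hvm_build.c, so either the subject should name the HVM build path or the PV build path needs the same treatment.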