diff options
author | Keir Fraser <keir.fraser@citrix.com> | 2010-08-13 08:52:08 +0100 |
---|---|---|
committer | Keir Fraser <keir.fraser@citrix.com> | 2010-08-13 08:52:08 +0100 |
commit | 0bd549240b0f6fed6ede3a349c11fa7adb14acc1 (patch) | |
tree | ea33739a8972c69a36163836ea2d85bfffe46251 | |
parent | 70aaae402504b60f713ad07d5d95c5d0c83862d4 (diff) | |
download | xen-0bd549240b0f6fed6ede3a349c11fa7adb14acc1.tar.gz xen-0bd549240b0f6fed6ede3a349c11fa7adb14acc1.tar.bz2 xen-0bd549240b0f6fed6ede3a349c11fa7adb14acc1.zip |
xc: fix segfault in pv domain create if kernel is an invalid image
If libelf calls elf_err() or elf_msg() before elf_set_log() has been
called then it could potentially read an uninitialised log handling
callback function pointer from struct elf_binary. Fix this in libxc by
zeroing the structure before calling elf_init().
Signed-off-by: Gianni Tedesco <gianni.tedesco@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
xen-unstable changeset: 1d67dd785ef4
xen-unstable date: Mon Aug 09 17:43:18 2010 +0100
-rw-r--r-- | tools/libxc/xc_hvm_build.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/libxc/xc_hvm_build.c b/tools/libxc/xc_hvm_build.c index c460d97e17..c7a333e85c 100644 --- a/tools/libxc/xc_hvm_build.c +++ b/tools/libxc/xc_hvm_build.c @@ -127,6 +127,7 @@ static int setup_guest(int xc_handle, if ( memsize > target ) pod_mode = 1; + memset(&elf, 0, sizeof(elf)); if ( elf_init(&elf, image, image_size) != 0 ) goto error_out; elf_parse_binary(&elf); |