Add a maximum limit of physmap entries to save, so that when the guest
gets write access to physmap it cannot DOS the toolstack.
Signed-off-by: Stefano Stabellini <stefano.stabell...@eu.citrix.com>
Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com>
---
v6: Split out of xs permissions relaxation patch.
---
tools/libxl/libxl_dom.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c
index 6ded9c1..60e8f7f 100644
--- a/tools/libxl/libxl_dom.c
+++ b/tools/libxl/libxl_dom.c
@@ -1431,6 +1431,8 @@ static void append_string(libxl__gc *gc, char **buf,
uint32_t *len,
*len += extralen;
}
+#define MAX_PHYSMAP_ENTRIES 12
+
int libxl__save_emulator_xenstore_data(libxl__domain_suspend_state *dss,
char **callee_buf,
uint32_t *callee_len)
@@ -1450,6 +1452,11 @@ int
libxl__save_emulator_xenstore_data(libxl__domain_suspend_state *dss,
&nr_entries);
if (!entries || nr_entries == 0) { rc = 0; goto out; }
+ if (nr_entries > MAX_PHYSMAP_ENTRIES) {
+ LOG(ERROR, "Max physmap entries reached");
+ return ERROR_FAIL;
+ }
+
for (i = 0; i < nr_entries; ++i) {
static const char *const physmap_subkeys[] = {
"start_addr", "size", "name"
--
1.7.10.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
