dgit.raspbian.org Git - xen.git/commit

author	Ian Campbell <ian.campbell@citrix.com>
	Thu, 20 Nov 2014 15:48:47 +0000 (15:48 +0000)
committer	Ian Campbell <ian.campbell@citrix.com>
	Tue, 25 Nov 2014 15:53:53 +0000 (15:53 +0000)
commit	8f4023dd7d77de7b2c1af77e86637202a33f948a
tree	0d5676d393768ff7483307b8b16eb64cc346dc5e	tree \| snapshot
parent	d17405f8153f7419db680a183f10129410feca05	commit \| diff

libxc: don't leak buffer containing the uncompressed PV kernel

The libxc xc_dom_* infrastructure uses a very simple malloc memory pool which
is freed by xc_dom_release. However the various xc_try_*_decode routines (other
than the gzip one) just use plain malloc/realloc and therefore the buffer ends
up leaked.

The memory pool currently supports mmap'd buffers as well as a directly
allocated buffers, however the try decode routines make use of realloc and do
not fit well into this model. Introduce a concept of an external memory block
to the memory pool and provide an interface to register such memory.

The mmap_ptr and mmap_len fields of the memblock tracking struct lose their
mmap_ prefix since they are now also used for external memory blocks.

We are only seeing this now because the gzip decoder doesn't leak and it's only
relatively recently that kernels in the wild have switched to better
compression.

This is https://bugs.debian.org/767295

Reported by: Gedalya <gedalya@gedalya.net>
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Wei Liu <wei.liu2@citrix.com>

tools/libxc/include/xc_dom.h		diff \| blob \| history
tools/libxc/xc_dom_bzimageloader.c		diff \| blob \| history
tools/libxc/xc_dom_core.c		diff \| blob \| history
tools/libxc/xc_dom_decompress_lz4.c		diff \| blob \| history