projects / xen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8bdd987)
xen/arm: domain_vgic_init: Check xzalloc_* return
authorJulien Grall <julien.grall@linaro.org>
Thu, 20 Mar 2014 13:51:26 +0000 (13:51 +0000)
committerIan Campbell <ian.campbell@citrix.com>
Fri, 21 Mar 2014 11:49:23 +0000 (11:49 +0000)
The allocations for shared_irqs and pending_irqs are not checked and use
later. This may lead to a Xen segfault if the hypervisor run out of memory.

Signed-off-by: Julien Grall <julien.grall@linaro.org>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
xen/arch/arm/vgic.c patch | blob | history

diff --git a/xen/arch/arm/vgic.c b/xen/arch/arm/vgic.c
index 553411d3e178c5aca60254ff0e3eb784781d4864..9fc958615851d61646bd8afc580821f8308fab6d 100644 (file)
--- a/xen/arch/arm/vgic.c
+++ b/xen/arch/arm/vgic.c
@@ -89,8 +89,17 @@ int domain_vgic_init(struct domain *d)
 
     d->arch.vgic.shared_irqs =
         xzalloc_array(struct vgic_irq_rank, DOMAIN_NR_RANKS(d));
+    if ( d->arch.vgic.shared_irqs == NULL )
+        return -ENOMEM;
+
     d->arch.vgic.pending_irqs =
         xzalloc_array(struct pending_irq, d->arch.vgic.nr_lines);
+    if ( d->arch.vgic.pending_irqs == NULL )
+    {
+        xfree(d->arch.vgic.shared_irqs);
+        return -ENOMEM;
+    }
+
     for (i=0; i<d->arch.vgic.nr_lines; i++)
     {
         INIT_LIST_HEAD(&d->arch.vgic.pending_irqs[i].inflight);
Unnamed repository; edit this file 'description' to name the repository.