From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Tue, 3 Jul 2012 12:51:14 +0000 (+0100)
Subject: xen: Fix off-by-one error when parsing command line arguments
X-Git-Tag: 4.0.4-rc3~1
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=6059c860c585370fff466ae998ee9e1564dfb003;p=xen.git

xen: Fix off-by-one error when parsing command line arguments

As Xen currently stands, it will attempt to interpret the first few
bytes of the initcall section as a struct kernel_param.

The reason that this not caused problems is because in the overflow
case, param->name is actually a function pointer to the first
initcall, and intepreting it as string is very unlikely to match an
ASCII command line parameter name.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Committed-by: Keir Fraser <keir@xen.org>
xen-unstable changeset:   25587:2cffb7bf6e57
xen-unstable date:        Tue Jul 03 13:38:19 2012 +0100
---

diff --git a/xen/common/kernel.c b/xen/common/kernel.c
index f45fb9ab36..d85d4d9b73 100644
--- a/xen/common/kernel.c
+++ b/xen/common/kernel.c
@@ -68,7 +68,7 @@ void cmdline_parse(char *cmdline)
         if ( !bool_assert )
             optkey += 3;
 
-        for ( param = &__setup_start; param <= &__setup_end; param++ )
+        for ( param = &__setup_start; param < &__setup_end; param++ )
         {
             if ( strcmp(param->name, optkey) )
                 continue;