kexec-tools: check for underun and only read required data

> Make sure that there is at least 8 bytes available to be read,
> and only read exactly 8 bytes.
>
> Signed-off-by: Simon Horman <horms@verge.net.au>

Hmm. I think this is not the correct place to have this check. 
variable len can take values anywhere from 4 to 80. With this
patch applied the kexec tools fails to load the panic kernel.

old:/home/sachin/b # /tmp/run1
get memory ranges:1
Modified cmdline:root=/dev/sda3  diag elfcorehdr=39100K savemaxmem=3840M
unrecoverable error: not enough data for mem property
old:/home/sachin/b #

The correct place should be after the strncmp() call.

Something like the attached patch.

Signed-off-by : Sachin Sant <sachinp@in.ibm.com>
Signed-off-by: Simon Horman <horms@verge.net.au>

1 files changed, 5 insertions, 1 deletions

diff --git a/kexec/arch/ppc64/fs2dt.c b/kexec/arch/ppc64/fs2dt.c
index 30b785f..a48cf23 100644
--- a/kexec/arch/ppc64/fs2dt.c
+++ b/kexec/arch/ppc64/fs2dt.c
@@ -111,7 +111,7 @@ static unsigned propnum(const char *name)
 static void add_usable_mem_property(int fd, int len)
 {
 	char fname[MAXPATH], *bname;
-	char buf[MAXBYTES +1];
+	unsigned long long buf[2];
 	unsigned long ranges[2*MAX_MEMORY_RANGES];
 	unsigned long long base, end, loc_base, loc_end;
 	int range, rlen = 0;
@@ -123,6 +123,10 @@ static void add_usable_mem_property(int fd, int len)
 	if (strncmp(bname, "/memory@", 8))
 		return;
 
+	if (len < 2 * sizeof(unsigned long long))
+		die("unrecoverable error: not enough data for mem property\n");
+	len = 2 * sizeof(unsigned long long);
+
 	if (lseek(fd, 0, SEEK_SET) < 0)
 		die("unrecoverable error: error seeking in \"%s\": %s\n",
 		    pathname, strerror(errno));