Xen devel - Jul 2009 - libxc: Question on kernel image unzipping

Hi,

libxc contains the following function which is used when uncompressing 
zipped kernel images:

/* 
------------------------------------------------------------------------ */
/* read files, copy memory blocks, with transparent 
gunzip                  */

size_t xc_dom_check_gzip(void *blob, size_t ziplen)
{
    unsigned char *gzlen;
    size_t unziplen;

    if ( strncmp(blob, "\037\213", 2) )
        /* not gzipped */
        return 0;

    gzlen = blob + ziplen - 4;
    unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8
| gzlen[0];
    if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
    {
        xc_dom_printf
            ("%s: size (zip %zd, unzip %zd) looks insane, skip
gunzip\n",
             __FUNCTION__, ziplen, unziplen);
        return 0;
    }

    return unziplen + 16;
}


The returned unziplen+16 is used for the size of the destination buffer 
given to inflate. But it is then also written to the kernel_size 
attribute of the xc_dom_image struct. Hence kernel_size does not contain 
the uncompressed kernel size but that /plus/ 16.
So why do you always add 16 bytes to the *real* uncompressed kernel 
size?? That doesn''t make much sense to me but I need to know it because
it is related to my current work.

Thanks in advance.

P.S.: Anybody heard of "code documentation"? ;-)


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On 09/07/2009 13:34, "Andreas Sommer" <AndiDog@web.de> wrote:
> libxc contains the following function which is used when uncompressing
zipped
> kernel images:
> size_t xc_dom_check_gzip(void *blob, size_t ziplen)
> {
>     ...
>     return unziplen + 16;
> }
> The returned unziplen+16 is used for the size of the destination buffer
given
> to inflate. But it is then also written to the kernel_size attribute of the
> xc_dom_image struct. Hence kernel_size does not contain the uncompressed
> kernel size but that plus 16.
> So why do you always add 16 bytes to the real uncompressed kernel size??
That
> doesn''t make much sense to me but I need to know it because it is
related to
> my current work.
Gerd Hoffman would be the person to ask. The +16 doesn''t appear to me
to
have any purpose.

 -- Keir



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On 07/09/09 15:53, Keir Fraser wrote:
> On 09/07/2009 13:34, "Andreas Sommer"<AndiDog@web.de> 
wrote:
>
>> libxc contains the following function which is used when uncompressing
zipped
>> kernel images:
>> size_t xc_dom_check_gzip(void *blob, size_t ziplen)
>> {
>>      ...
>>      return unziplen + 16;
>> }
>> The returned unziplen+16 is used for the size of the destination buffer
given
>> to inflate. But it is then also written to the kernel_size attribute of
the
>> xc_dom_image struct. Hence kernel_size does not contain the
uncompressed
>> kernel size but that plus 16.
>> So why do you always add 16 bytes to the real uncompressed kernel
size?? That
>> doesn''t make much sense to me but I need to know it because it
is related to
>> my current work.
>
> Gerd Hoffman would be the person to ask. The +16 doesn''t appear to
me to
> have any purpose.
Oh, has been quite a while.  IIRC that is related to zlib needing some 
extra space.  So I *think* you can drop it there to get a correct 
kernel_size, but then you''ll have to care somewhere else (probably when
allocating the unzip target buffer) about the 16 extra bytes to make 
sure zlib doesn''t overrun the buffer.

But better double-check that ...

cheers,
   Gerd

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel