From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ian Jackson <Ian.Jackson@eu.citrix.com>
Subject: Re: [PATCH 03/22] libxc: Fix range checking in
 xc_dom_pfn_to_ptr etc.
Date: Mon, 10 Jun 2013 16:48:52 +0100
Message-ID: <20917.62820.223530.788246@mariner.uk.xensource.com>
References: <1370629642-6990-1-git-send-email-ian.jackson@eu.citrix.com>
	<1370629642-6990-4-git-send-email-ian.jackson@eu.citrix.com>
	<51B5F4D4.1000402@citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <51B5F4D4.1000402@citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>, "mattjd@gmail.com" <mattjd@gmail.com>, "security@xen.org" <security@xen.org>
List-Id: xen-devel@lists.xenproject.org

Andrew Cooper writes ("Re: [PATCH 03/22] libxc: Fix range checking in xc_dom_pfn_to_ptr etc."):
> In PATCH 2, the pages_out parameter is optional in so far as it is
> checked for being NULL.
> 
> Here, the safe_region_out parameter is not optional, in so far as we
> unconditionally fault if it is NULL. (unless someone is playing games
> and mapping something at address 0)

Maybe it would be better to change the function in patch 2, instead.

After all, ideally, we don't want people calling either of these
without receiving the length.  And the patch 2 function is provided
specifically as a version to provide the length so there's no need to
pass NULL.

Ian.