From 78a9e00a3a9885298f09079c026bf5415c137cca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Thu, 20 May 2010 16:19:17 +0200
Subject: [PATCH] check the length of the parameters line

The value of the parameters variable in zipl.conf that is passed as to the kernel
into /proc/cmdline is silently truncated to 896 bytes (it matches the value of
BOOT_PARM_LENGTH from boot/menu.S). Thus we add a check into zipl and end with
an error if the line is longer.
---
 zipl/include/zipl.h |    3 +++
 zipl/src/job.c      |    8 ++++++++
 2 files changed, 11 insertions(+), 0 deletions(-)

diff --git a/zipl/include/zipl.h b/zipl/include/zipl.h
index d2d26dd..5e02f13 100644
--- a/zipl/include/zipl.h
+++ b/zipl/include/zipl.h
@@ -40,6 +40,9 @@
 
 #define MAX_DUMP_VOLUMES		32
 
+/* defined in boot/menu.S as MENU_PARM_LENGTH */
+#define PARMLINE_LENGTH			896
+
 /* Internal component load address type */
 typedef uint64_t address_t;
 
diff --git a/zipl/src/job.c b/zipl/src/job.c
index a65e8c1..76ed5df 100644
--- a/zipl/src/job.c
+++ b/zipl/src/job.c
@@ -894,6 +894,14 @@ get_parmline(char* filename, char* line, char** parmline, address_t* address,
 			return -1;
 
 	} else result = NULL;
+	/* check the maximum possible length */
+	if (result) {
+		len = strlen(result);
+		if (len > PARMLINE_LENGTH) {
+			error_text("The length of parameters line (%d bytes) exceeds the allowed maximum (%d bytes)", len, PARMLINE_LENGTH);
+			return -1;
+		}
+	}
 	*parmline = result;
 	*address = addr;
 	return 0;
-- 
1.6.6.1