This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] Fix i386 memmove issue [BZ #22644]
- From: Andrew Senkevich <andrew dot n dot senkevich at gmail dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: Andreas Schwab <schwab at suse dot de>, "H.J. Lu" <hjl dot tools at gmail dot com>, libc-alpha <libc-alpha at sourceware dot org>, Max Horn <max at quendi dot de>, thomas at grindinggear dot com
- Date: Mon, 19 Mar 2018 15:00:12 +0100
- Subject: Re: [PATCH] Fix i386 memmove issue [BZ #22644]
- References: <CAMXFM3s5b2a6o_CMS0cJ35oE3SuJUHssqLAUY94LSZhEEtG71A@mail.gmail.com> <mvm606ts2w6.fsf@suse.de> <CAMXFM3vqw7eiUT1XYVZWyW=eJkgEpjNc74A8mbmdKuR_hywN3w@mail.gmail.com> <CAMe9rOo4Ys=ScEKKnuv5XvYqTHjvFxSkXjch8ya8sX7dfP+q4Q@mail.gmail.com> <CAMXFM3vA=-LSK5VtKhhbs0g9faBdG0GjoAbNb6OPEbSt8dAA7A@mail.gmail.com> <mvmlgeojjmi.fsf@suse.de> <597954a1-85da-e524-1454-27c46af57413@redhat.com>
2018-03-19 14:17 GMT+01:00 Florian Weimer <fweimer@redhat.com>:
> On 03/19/2018 02:11 PM, Andreas Schwab wrote:
>>
>> On Mar 19 2018, Andrew Senkevich <andrew.n.senkevich@gmail.com> wrote:
>>
>>> +static void
>>> +do_test2 (void)
>>> +{
>>> + uint32_t num = 0x20000000;
>>> + uint32_t * large_buf;
>>> +
>>> + large_buf = mmap ((void*)0x70000000, num, PROT_READ | PROT_WRITE,
>>> + MAP_PRIVATE | MAP_ANON | MAP_FIXED, -1, 0);
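Review bot: the mmap call in do_test2 combines MAP_FIXED with a hard-coded address (0x70000000, length 0x20000000), so it silently replaces whatever is already mapped anywhere in that 512 MiB range; in a PIE or ASLR-randomised test process that can be the test's own code, a shared library or the stack, producing a crash unrelated to the memmove bug under test. Prefer passing the address as a plain hint without MAP_FIXED and treating a returned address other than 0x70000000 as "cannot run this test here", or isolate the test in its own statically linked, non-PIE test file so a fixed address is known to be free. Independently of that, the visible lines never compare large_buf against MAP_FAILED before it is used, so a refused mapping (for example under a low address-space limit) would dereference (void *) -1; add a check such as `if (large_buf == MAP_FAILED) return;` (or mark the test unsupported) directly after the call. Minor style point: glibc writes the declaration as `uint32_t *large_buf;` rather than `uint32_t * large_buf;`.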
>>
>> Since you are using MAP_FIXED this may overwrite an existing mapping.
>
>
> Leading to a hard-to-debug crash, maybe sporadically due to ASLR. Yes, I
> have this concern as well.
>
> There was a long, long Linux thread about a non-overriding MAP_FIXED
> variant, but as far as I can see, this has not been merged. Maybe it would
> have helped here.
>
> Is it very difficult to split out this test into a separate test file? Then
> link the whole thing statically, as non-PIE, and keep using MAP_FIXED. This
> should make it quite likely that you don't override anything valuable.
I think it is not very difficult; I will try this way.
--
WBR,
Andrew
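The hazard Andreas and Florian describe, reproduced on memory the process itself owns so nothing valuable is harmed (an added example, not code from the patch or from glibc): a region is mapped and marked with a sentinel, then the same address is requested twice, once as a plain hint and once with MAP_FIXED. The function names, the single-page region size (instead of the patch's 0x20000000 bytes) and the sentinel value are this example's own choices; it assumes Linux mmap semantics, where a hint that collides with an existing mapping is ignored and MAP_FIXED replaces the old pages with a fresh zero-filled mapping.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>

/* Size of the regions used in this demonstration. One page is enough to
   show the behaviour; the patch's 0x20000000-byte buffer would not fit in
   most test environments. */
#define DEMO_LEN 4096UL

/* Map DEMO_LEN bytes of anonymous memory at a kernel-chosen address and
   write a sentinel into it. Returns MAP_FAILED on error. */
static uint32_t *map_region_with_sentinel(uint32_t sentinel)
{
    uint32_t *p = mmap(NULL, DEMO_LEN, PROT_READ | PROT_WRITE,
                       MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return p;
    p[0] = sentinel;
    return p;
}

/* The hazard: MAP_FIXED silently replaces whatever is mapped at `target`.
   Returns 1 if the sentinel was wiped by the new zero-filled mapping,
   0 if it survived, -1 if mmap failed. */
static int fixed_map_clobbers(uint32_t *target, uint32_t sentinel)
{
    void *p = mmap(target, DEMO_LEN, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    /* p == target here; the previous contents of that page are gone. */
    return target[0] != sentinel;
}

/* The safer pattern: pass the address only as a hint (no MAP_FIXED) and
   check where the kernel actually placed the mapping. Returns the mapping
   when the hint was honoured, otherwise NULL, so the caller can skip or
   retry without ever overwriting an existing mapping. */
static uint32_t *map_at_hint_or_null(uint32_t *hint)
{
    void *p = mmap(hint, DEMO_LEN, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return NULL;
    if (p != (void *) hint) {
        /* Address already in use: the kernel chose another one. Give the
           unwanted mapping back rather than leaking it. */
        munmap(p, DEMO_LEN);
        return NULL;
    }
    return p;
}

/* Runs both scenarios against a region this process owns. Returns 1 when
   the hint is refused (sentinel intact) and MAP_FIXED clobbers it. */
int demonstrate_map_fixed_hazard(void)
{
    const uint32_t sentinel = 0xC0FFEE42u;
    uint32_t *region = map_region_with_sentinel(sentinel);
    if (region == MAP_FAILED)
        return 0;

    /* 1. Hint only: the occupied address must not be handed out again. */
    uint32_t *hinted = map_at_hint_or_null(region);
    int hint_refused = (hinted == NULL) && region[0] == sentinel;

    /* 2. MAP_FIXED: the sentinel disappears because the old page is
       replaced by a fresh anonymous mapping. */
    int clobbered = fixed_map_clobbers(region, sentinel) == 1;

    munmap(region, DEMO_LEN);
    return hint_refused && clobbered;
}

int main(void)
{
    printf("MAP_FIXED hazard demonstrated: %s\n",
           demonstrate_map_fixed_hazard() ? "yes" : "no");
    return 0;
}
```

In a real test the region would be some other mapping the process depends on, which is why a crash from such a collision looks sporadic under ASLR; the hint-only variant makes the collision visible as a skipped test instead.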