This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.24-595-g23d2770
- From: azanella at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 2 Jan 2017 19:53:14 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.24-595-g23d2770
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 23d27709a423aec32821e9a5198a10267107bae2 (commit)
from 62210e7eb1b270c72c2ee61a14015285cd817262 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=23d27709a423aec32821e9a5198a10267107bae2
commit 23d27709a423aec32821e9a5198a10267107bae2
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date: Mon Jan 2 12:20:21 2017 -0200
Fix i686 memchr for large input sizes
Similar to BZ#19387 and BZ#20971, both i686 memchr optimized assembly
implementations (memchr-sse2-bsf and memchr-sse2) do not handle the
size overflow correctly.
It is shown by the new tests added by commit 3daef2c8ee4df29, where
both implementation fails with size as SIZE_MAX.
This patch uses a similar strategy used on 3daef2c8ee4df2, where
saturared math is used for overflow case.
Checked on i686-linux-gnu.
[BZ #21014]
* sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S (MEMCHR): Avoid overflow
in pointer addition.
* sysdeps/i386/i686/multiarch/memchr-sse2.S (MEMCHR): Likewise.
diff --git a/ChangeLog b/ChangeLog
index a98aea2..d321a89 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2017-01-02 Adhemerval Zanella <adhemerval.zanella@linaro.org>
+
+ [BZ #21014]
+ * sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S (MEMCHR): Avoid overflow
+ in pointer addition.
+ * sysdeps/i386/i686/multiarch/memchr-sse2.S (MEMCHR): Likewise.
+
2017-01-02 Torvald Riegel <triegel@redhat.com>
* sysdeps/sparc/nptl/bits/pthreadtypes.h (pthread_cond_t): Adapt to
diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S b/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S
index c035329..dd31648 100644
--- a/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S
+++ b/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S
@@ -149,9 +149,15 @@ L(crosscache):
.p2align 4
L(unaligned_no_match):
# ifndef USE_AS_RAWMEMCHR
- sub $16, %edx
+ /* Calculate the last acceptable address and check for possible
+ addition overflow by using satured math:
+ edx = ecx + edx
+ edx |= -(edx < ecx) */
add %ecx, %edx
- jle L(return_null)
+ sbb %eax, %eax
+ or %eax, %edx
+ sub $16, %edx
+ jbe L(return_null)
add $16, %edi
# else
add $16, %edx
diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2.S b/sysdeps/i386/i686/multiarch/memchr-sse2.S
index f1a11b5..910679c 100644
--- a/sysdeps/i386/i686/multiarch/memchr-sse2.S
+++ b/sysdeps/i386/i686/multiarch/memchr-sse2.S
@@ -118,8 +118,14 @@ L(crosscache):
# ifndef USE_AS_RAWMEMCHR
jnz L(match_case2_prolog1)
lea -16(%edx), %edx
+ /* Calculate the last acceptable address and check for possible
+ addition overflow by using satured math:
+ edx = ecx + edx
+ edx |= -(edx < ecx) */
add %ecx, %edx
- jle L(return_null)
+ sbb %eax, %eax
+ or %eax, %edx
+ jbe L(return_null)
lea 16(%edi), %edi
# else
jnz L(match_case1_prolog1)
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 7 +++++++
sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S | 10 ++++++++--
sysdeps/i386/i686/multiarch/memchr-sse2.S | 8 +++++++-
3 files changed, 22 insertions(+), 3 deletions(-)
hooks/post-receive
--
GNU C Library master sources