This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] BZ #15754: CVE-2013-4788: PTR_MANGLE does not initialize to a random value for the pointer guard when compiling static executables
- From: "Carlos O'Donell" <carlos at redhat dot com>
- To: "Joseph S. Myers" <joseph at codesourcery dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>, Ismael Ripoll <iripoll at disca dot upv dot es>, Hector Marco <hecmargi at upv dot es>, Siddhesh Poyarekar <siddhesh at redhat dot com>, Andreas Jaeger <aj at suse dot com>
- Date: Sun, 21 Jul 2013 15:02:28 -0400
- Subject: Re: [PATCH] BZ #15754: CVE-2013-4788: PTR_MANGLE does not initialize to a random value for the pointer guard when compiling static executables
- References: <51E8EDF2 dot 40204 at redhat dot com> <Pine dot LNX dot 4 dot 64 dot 1307191644090 dot 9428 at digraph dot polyomino dot org dot uk>
On 07/19/2013 12:52 PM, Joseph S. Myers wrote:
> On Fri, 19 Jul 2013, Carlos O'Donell wrote:
>
>> This test only passes on x86-64, all other targets need to
>> implement POINTER_CHK_GUARD in stackguard-macros.h to pass
>> the test (and even build at this point). We might want to
>> rename stackguard-macros.h, but I didn't.
>
> You should definitely update sysdeps/generic/stackguard-macros.h to
> (declare the variable and) define POINTER_CHK_GUARD for the
> non-THREAD_SET_POINTER_GUARD case.
>
Good catch, I missed that.
The additional changes are:
v2
- Fix sysdeps/generic/stackguard-macros.h
* sysdeps/generic/stackguard-macros.h: Define __pointer_chk_guard
and POINTER_CHK_GUARD.
diff --git a/sysdeps/generic/stackguard-macros.h b/sysdeps/generic/stackguard-macros.h
index ababf65..77408c6 100644
--- a/sysdeps/generic/stackguard-macros.h
+++ b/sysdeps/generic/stackguard-macros.h
@@ -2,3 +2,6 @@
extern uintptr_t __stack_chk_guard;
#define STACK_CHK_GUARD __stack_chk_guard
+
+extern uintptr_t __pointer_chk_guard;
+#define POINTER_CHK_GUARD __pointer_chk_guard