This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)
- From: "Carlos O'Donell" <carlos at redhat dot com>
- To: Adhemerval Zanella <azanella at linux dot vnet dot ibm dot com>
- Cc: libc-alpha at sourceware dot org
- Date: Thu, 26 Sep 2013 11:05:34 -0400
- Subject: Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)
- Authentication-results: sourceware.org; auth=none
- References: <51E8EDF2 dot 40204 at redhat dot com> <Pine dot LNX dot 4 dot 64 dot 1307191644090 dot 9428 at digraph dot polyomino dot org dot uk> <51EC3044 dot 4080509 at redhat dot com> <mvmeha5ed9r dot fsf at hawking dot suse dot de> <5202AD5B dot 40105 at redhat dot com> <523FC842 dot 7040909 at redhat dot com> <52432FA2 dot 7090306 at linux dot vnet dot ibm dot com>
On 09/25/2013 02:46 PM, Adhemerval Zanella wrote:
> On 23-09-2013 01:49, Carlos O'Donell wrote:
>> diff --git a/sysdeps/powerpc/powerpc64/stackguard-macros.h b/sysdeps/powerpc/powerpc64/stackguard-macros.h
>> index 9da879c..4620f96 100644
>> --- a/sysdeps/powerpc/powerpc64/stackguard-macros.h
>> +++ b/sysdeps/powerpc/powerpc64/stackguard-macros.h
>> @@ -2,3 +2,13 @@
>>
>> #define STACK_CHK_GUARD \
>> ({ uintptr_t x; asm ("ld %0,-28688(13)" : "=r" (x)); x; })
>> +
>> +#define POINTER_CHK_GUARD \
>> + ({ \
>> + uintptr_t x; \
>> + asm ("ld %0,%1(2)" \
>> + : "=r" (x) \
>> + : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t)) \
>> + ); \
>> + x; \
>> + })
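Review bot: the load in POINTER_CHK_GUARD uses r2 as its base register (`ld %0,%1(2)`), while STACK_CHK_GUARD directly above it reads its guard through r13. On powerpc64 r13 is the thread pointer and r2 is the TOC pointer, so an offset built from offsetof (tcbhead_t, pointer_guard), TLS_TCB_OFFSET and sizeof (tcbhead_t) only makes sense relative to r13; as written the macro loads from a TOC-relative address rather than the pointer_guard field of the TCB. Suggest `ld %0,%1(13)` so both macros in this header use the same base register.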
>
> Thanks for the patch Carlos, I pushed this obvious fix:
>
> diff --git a/sysdeps/powerpc/powerpc64/stackguard-macros.h b/sysdeps/powerpc/powerpc64/stackguard-macros.h
> index 4620f96..e80a683 100644
> --- a/sysdeps/powerpc/powerpc64/stackguard-macros.h
> +++ b/sysdeps/powerpc/powerpc64/stackguard-macros.h
> @@ -6,7 +6,7 @@
> #define POINTER_CHK_GUARD \
> ({ \
> uintptr_t x; \
> - asm ("ld %0,%1(2)" \
> + asm ("ld %0,%1(13)" \
> : "=r" (x) \
> : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t)) \
> ); \
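Review bot: the asm in POINTER_CHK_GUARD still carries no comment saying which register the immediate is relative to, and that is the detail the `(2)` versus `(13)` mix-up turned on. Suggest a short comment above the macro stating that r13 is the thread pointer and that the operand is the offset of pointer_guard within tcbhead_t measured from it. Because the expression depends on offsetof, tcbhead_t and TLS_TCB_OFFSET being declared before the macro is expanded, and the visible lines show no include for them, the comment could also name the header a user has to include first.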
>
Sorry, I thought I had already fixed that, but perhaps
this fix didn't make it into my final merged version of
the patch. It obviously would have failed in my ppc64
testing, so I must have failed to merge that fix.
Thanks for fixing this! I assume the test passes now?
Cheers,
Carlos.