This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
On 09/15/2016 06:05 AM, Zack Weinberg wrote:
+void +internal_function +__glibc_read_memory(const void *s, size_t len) +{ + asm volatile (""); +}
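Review bot: the body `asm volatile ("");` names neither `s` nor `len`, so nothing in the function itself tells the compiler that the bytes at `s` are read; the barrier only holds as long as the call stays opaque (not inlined, not seen through by LTO). If a read barrier is the intent, pass the pointer as an input and clobber memory, e.g. `asm volatile ("" : : "r" (s) : "memory");`, and either use `len` or mark it unused so it does not trip unused-parameter warnings. Note also that a call made purely to "read" the buffer keeps the address in `s` live in a register or on the stack across the call, which is exactly the leak the reply goes on to raise.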
This leaks the address S to possibly-buggy code, bypassing address randomization. For example, if a function body ends in 'explicit_bzero (&x, sizeof x)', then &x is likely to be in a machine register or on the stack when explicit_bzero returns, more so than if explicit_bzero were never called. If a key is stored next to other somewhat-sensitive data this will make the somewhat-sensitive data more vulnerable than it otherwise would be.
To help avoid this problem, __glibc_read_memory could clear all caller-save registers (including the return register of course). This would not entirely prevent the problem, but that's OK as explicit_bzero does not pretend to entirely prevent information leakage.
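The read barrier and the caller-save register scrub discussed in the reply, as an added example that is not part of this thread or of glibc's own code. The names `read_memory_barrier`, `read_memory_barrier_scrub`, `wipe_and_scrub`, `all_zero` and `derive_then_wipe` are made up for illustration; the register list assumes the x86-64 SysV calling convention and every other target gets only the plain barrier; the key bytes are constructed test data, not real key material.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Portable read barrier: names S as an input and clobbers memory, so the
   compiler must assume the bytes at S are read here and cannot delete a
   memset() preceding the call as a dead store.  An empty asm volatile ("")
   gives no such guarantee once the call is inlined or seen through by LTO.  */
static inline void read_memory_barrier(const void *s, size_t len)
{
    (void) len;
    __asm__ __volatile__ ("" : : "r" (s) : "memory");
}

/* Same barrier, but on x86-64 (SysV ABI assumed here) it also zeroes every
   caller-saved integer register, including %rdi, which carries S, and %rsi,
   which carried LEN.  The address of the wiped buffer therefore does not
   survive in a scratch register after the wipe returns.  Callee-saved
   registers, any stack slot S was spilled to, and the vector registers are
   untouched, so this narrows the leak rather than removing it, which is the
   caveat the reply makes.  Other targets fall back to the plain barrier.  */
static inline void read_memory_barrier_scrub(const void *s, size_t len)
{
#if defined(__x86_64__)
    (void) len;
    __asm__ __volatile__ (
        "xorl %%eax, %%eax\n\t"
        "xorl %%ecx, %%ecx\n\t"
        "xorl %%edx, %%edx\n\t"
        "xorl %%esi, %%esi\n\t"
        "xorl %%r8d, %%r8d\n\t"
        "xorl %%r9d, %%r9d\n\t"
        "xorl %%r10d, %%r10d\n\t"
        "xorl %%r11d, %%r11d\n\t"
        "xorl %%edi, %%edi\n\t"      /* S itself: pinned to %rdi by "+D" */
        : "+D" (s)
        :
        : "memory", "cc", "rax", "rcx", "rdx", "rsi",
          "r8", "r9", "r10", "r11");
#else
    read_memory_barrier(s, len);
#endif
}

/* explicit_bzero-style wipe built on the scrubbing barrier.  */
static void wipe_and_scrub(void *s, size_t len)
{
    memset(s, 0, len);
    read_memory_barrier_scrub(s, len);
}

/* Returns 1 if all LEN bytes at S are zero, 0 otherwise.  */
int all_zero(const void *s, size_t len)
{
    const unsigned char *p = s;
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= p[i];
    return acc == 0;
}

/* The reply's scenario: a function derives something from a key and wipes
   the key on the way out.  The key bytes are a constructed stand-in.
   Returns 1 if the wipe left the key buffer zeroed.  */
int derive_then_wipe(unsigned char out[16])
{
    unsigned char key[32];
    for (size_t i = 0; i < sizeof key; i++)
        key[i] = (unsigned char) (i * 7 + 1);
    for (size_t i = 0; i < 16; i++)
        out[i] = key[i] ^ key[i + 16];
    wipe_and_scrub(key, sizeof key);
    return all_zero(key, sizeof key);
}

int main(void)
{
    unsigned char out[16];
    int wiped = derive_then_wipe(out);
    printf("derived %02x%02x..., key wiped: %s\n",
           out[0], out[1], wiped ? "yes" : "no");
    return wiped ? 0 : 1;
}
```

Build at -O2 and compare the disassembly of `derive_then_wipe` with and without the barrier call: without it the compiler is free to drop the memset of `key` as a dead store, with it the stores stay. The scrub deliberately leaves callee-saved registers and the stack alone, since clearing those would require knowing what the caller still needs, which is why it reduces rather than eliminates the chance that `&key` is still lying around when the function returns.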