[PATCH] arm: fix memcpy and memmove for negative len [BZ #25620]
Thu Jun 4 09:16:16 GMT 2020
* Evgeny Eremin:
> Unsigned branch instructions could be used for r2 to fix the wrong
> behavior when a negative length is passed to memcpy and memmove
> An In-house testing hasn't reveal any functional regressions.
> Performance measurement & comparison are yet be done but the patch
> doesn't change the logic too much.
> This partially fixes CVE-2020-6096  "GNU glibc ARMv7 memcpy() memory
> corruption vulnerability".
> Signed-off-by: Konstantin Karasev <email@example.com>
> Signed-off-by: Anton Rybakov <firstname.lastname@example.org>
> Signed-off-by: Ildar Kamaletdinov <email@example.com>
> Signed-off-by: Alexander Anisimov <firstname.lastname@example.org>
>  https://nvd.nist.gov/vuln/detail/CVE-2020-6096
Thanks for working on this. Is this contribution covered by a copyright
assignment to the FSF? If not, would you be willing to file the
required paperwork with the FSF?
Do your changes fix string/tst-memmove-overflow for the baseline arm
More information about the Libc-alpha