This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)

From: Adhemerval Zanella <azanella at linux dot vnet dot ibm dot com>
To: "Carlos O'Donell" <carlos at redhat dot com>
Cc: libc-alpha at sourceware dot org
Date: Thu, 26 Sep 2013 12:07:53 -0300
Subject: Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)
Authentication-results: sourceware.org; auth=none
References: <51E8EDF2 dot 40204 at redhat dot com> <Pine dot LNX dot 4 dot 64 dot 1307191644090 dot 9428 at digraph dot polyomino dot org dot uk> <51EC3044 dot 4080509 at redhat dot com> <mvmeha5ed9r dot fsf at hawking dot suse dot de> <5202AD5B dot 40105 at redhat dot com> <523FC842 dot 7040909 at redhat dot com> <52432FA2 dot 7090306 at linux dot vnet dot ibm dot com> <52444D3E dot 1090503 at redhat dot com>

On 26-09-2013 12:05, Carlos O'Donell wrote:
> On 09/25/2013 02:46 PM, Adhemerval Zanella wrote:
>> On 23-09-2013 01:49, Carlos O'Donell wrote:
>>> diff --git a/sysdeps/powerpc/powerpc64/stackguard-macros.h b/sysdeps/powerpc/powerpc64/stackguard-macros.h
>>> index 9da879c..4620f96 100644
>>> --- a/sysdeps/powerpc/powerpc64/stackguard-macros.h
>>> +++ b/sysdeps/powerpc/powerpc64/stackguard-macros.h
>>> @@ -2,3 +2,13 @@
>>>
>>>  #define STACK_CHK_GUARD \
>>>    ({ uintptr_t x; asm ("ld %0,-28688(13)" : "=r" (x)); x; })
>>> +
>>> +#define POINTER_CHK_GUARD \
>>> +  ({												\
>>> +     uintptr_t x;										\
>>> +     asm ("ld %0,%1(2)"										\
>>> +	  : "=r" (x)										\
>>> +	  : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t))	\
>>> +         );											\
>>> +     x;												\
>>> +   })
>> Thanks for the patch Carlos, I pushed this obvious fix:
>>
>> diff --git a/sysdeps/powerpc/powerpc64/stackguard-macros.h b/sysdeps/powerpc/powerpc64/stackguard-macros.h
>> index 4620f96..e80a683 100644
>> --- a/sysdeps/powerpc/powerpc64/stackguard-macros.h
>> +++ b/sysdeps/powerpc/powerpc64/stackguard-macros.h
>> @@ -6,7 +6,7 @@
>>  #define POINTER_CHK_GUARD \
>>    ({                                                                                           \
>>       uintptr_t x;                                                                              \
>> -     asm ("ld %0,%1(2)"                                                                                \
>> +     asm ("ld %0,%1(13)"                                                                               \
>>           : "=r" (x)                                                                            \
>>           : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t))     \
>>           );                                                                                    \
>>
> Sorry, I thought I had already fixed that, but perhaps
> this fix didn't make it into my final merged version of
> the patch. It obviously would have failed in my ppc64
> testing, so I must have failed to merge that fix.
>
> Thanks for fixing this! I assume the test passes now?
>
> Cheers,
> Carlos.
>
Yeah, they do.

References:
- [PATCH] BZ #15754: CVE-2013-4788 (v3)
  - From: Carlos O'Donell
- Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)
  - From: Adhemerval Zanella
- Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)
  - From: Carlos O'Donell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]