This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)
- From: Adhemerval Zanella <azanella at linux dot vnet dot ibm dot com>
- To: libc-alpha at sourceware dot org
- Date: Wed, 25 Sep 2013 15:46:58 -0300
- Subject: Re: [PATCH] BZ #15754: CVE-2013-4788 (v3)
- Authentication-results: sourceware.org; auth=none
- References: <51E8EDF2 dot 40204 at redhat dot com> <Pine dot LNX dot 4 dot 64 dot 1307191644090 dot 9428 at digraph dot polyomino dot org dot uk> <51EC3044 dot 4080509 at redhat dot com> <mvmeha5ed9r dot fsf at hawking dot suse dot de> <5202AD5B dot 40105 at redhat dot com> <523FC842 dot 7040909 at redhat dot com>
On 23-09-2013 01:49, Carlos O'Donell wrote:
> diff --git a/sysdeps/powerpc/powerpc64/stackguard-macros.h b/sysdeps/powerpc/powerpc64/stackguard-macros.h
> index 9da879c..4620f96 100644
> --- a/sysdeps/powerpc/powerpc64/stackguard-macros.h
> +++ b/sysdeps/powerpc/powerpc64/stackguard-macros.h
> @@ -2,3 +2,13 @@
>
> #define STACK_CHK_GUARD \
> ({ uintptr_t x; asm ("ld %0,-28688(13)" : "=r" (x)); x; })
> +
> +#define POINTER_CHK_GUARD \
> + ({ \
> + uintptr_t x; \
> + asm ("ld %0,%1(2)" \
> + : "=r" (x) \
> + : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t)) \
> + ); \
> + x; \
> + })
Thanks for the patch Carlos, I pushed this obvious fix:
diff --git a/sysdeps/powerpc/powerpc64/stackguard-macros.h b/sysdeps/powerpc/powerpc64/stackguard-macros.h
index 4620f96..e80a683 100644
--- a/sysdeps/powerpc/powerpc64/stackguard-macros.h
+++ b/sysdeps/powerpc/powerpc64/stackguard-macros.h
@@ -6,7 +6,7 @@
#define POINTER_CHK_GUARD \
({ \
uintptr_t x; \
- asm ("ld %0,%1(2)" \
+ asm ("ld %0,%1(13)" \
: "=r" (x) \
: "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t)) \
); \