klibc-bot for Greg Thelen
2022-Aug-28 21:03 UTC
[klibc] [klibc:master] arm64: store 4 bytes in arm64 errno
Commit-ID: 7b813e0f793a78a6bf01afe371ea5b66144daa43 Gitweb: http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=7b813e0f793a78a6bf01afe371ea5b66144daa43 Author: Greg Thelen <gthelen at google.com> AuthorDate: Mon, 15 Aug 2022 02:05:41 -0700 Committer: Ben Hutchings <ben at decadent.org.uk> CommitDate: Sun, 28 Aug 2022 22:44:19 +0200 [klibc] arm64: store 4 bytes in arm64 errno The arm64 post-syscall code (below) checks the syscall retval (x0) and conditionally sets errno: __syscall_common: cmp x0, #0x0 b.ge 2f neg x0, x0 ldr x8, 1f str x0, [x8] mov x0, #-1 2: ret 1: .dword errno There is a bug. When the syscall returns a negative value "str x0, [x8]" stores 8 bytes in the 4 byte errno. The 4 bytes that follow errno are clobbered, which depending on linker data placement can corrupt important process memory. Only store 4 bytes in errno to avoid corruption. Fixes: e4a2c914446b ("[klibc] arm64: Add arm64 support") Signed-off-by: Greg Thelen <gthelen at google.com> Signed-off-by: Ben Hutchings <ben at decadent.org.uk> --- usr/klibc/arch/arm64/syscall.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/klibc/arch/arm64/syscall.S b/usr/klibc/arch/arm64/syscall.S index 3ce91fb7..e1004122 100644 --- a/usr/klibc/arch/arm64/syscall.S +++ b/usr/klibc/arch/arm64/syscall.S @@ -17,7 +17,7 @@ __syscall_common: b.ge 2f neg x0, x0 ldr x8, 1f - str x0, [x8] + str w0, [x8] mov x0, #-1 2: ret
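Review bot: The changed store `str w0, [x8]` in `__syscall_common` would benefit from a short comment saying that errno is a 4-byte object and so must be written through the W register. Nothing in the visible lines shows the width of errno, and the preceding `ldr x8, 1f` correctly uses a 64-bit register because it loads the address of errno, so the mixed widths could look like an inconsistency to a later reader and invite a "cleanup" back to `x0`. Something like `/* errno is a 32-bit int: store w0, not x0 */` on that line would record the reason given in the commit message next to the code it protects.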