klibc-bot for Greg Thelen
2022-Aug-28  21:03 UTC
[klibc] [klibc:master] arm64: store 4 bytes in arm64 errno
Commit-ID:  7b813e0f793a78a6bf01afe371ea5b66144daa43
Gitweb:     http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=7b813e0f793a78a6bf01afe371ea5b66144daa43
Author:     Greg Thelen <gthelen at google.com>
AuthorDate: Mon, 15 Aug 2022 02:05:41 -0700
Committer:  Ben Hutchings <ben at decadent.org.uk>
CommitDate: Sun, 28 Aug 2022 22:44:19 +0200
[klibc] arm64: store 4 bytes in arm64 errno
The arm64 post-syscall code (below) checks the syscall retval (x0) and
conditionally sets errno:
__syscall_common:
        cmp     x0, #0x0
        b.ge    2f
        neg     x0, x0
        ldr     x8, 1f
        str     x0, [x8]
        mov     x0, #-1
2:
        ret
1:
        .dword  errno
There is a bug. When the syscall returns a negative value, "str x0, [x8]"
stores 8 bytes in the 4-byte errno. The 4 bytes that follow errno are
clobbered, which depending on linker data placement can corrupt
important process memory.
Only store 4 bytes in errno to avoid corruption.
Fixes: e4a2c914446b ("[klibc] arm64: Add arm64 support")
Signed-off-by: Greg Thelen <gthelen at google.com>
Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
---
 usr/klibc/arch/arm64/syscall.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/usr/klibc/arch/arm64/syscall.S b/usr/klibc/arch/arm64/syscall.S
index 3ce91fb7..e1004122 100644
--- a/usr/klibc/arch/arm64/syscall.S
+++ b/usr/klibc/arch/arm64/syscall.S
@@ -17,7 +17,7 @@ __syscall_common:
 	b.ge	2f
 	neg	x0, x0
 	ldr	x8, 1f
-	str	x0, [x8]
+	str	w0, [x8]
 	mov	x0, #-1
 2:
 	ret
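Review bot: The 32-bit store at `str w0, [x8]` is only correct while errno is exactly 4 bytes wide, and nothing at that line records the assumption. Add a short comment there, such as "errno is a 4-byte int, so store w0 rather than x0", so that the narrower register is not later mistaken for a typo and widened back. The surrounding 64-bit operations are fine as they stand: `ldr x8, 1f` loads errno's address from the `.dword errno` literal shown in the commit message, and the store happens before `mov x0, #-1` overwrites the register, so w0 still holds the low half of the negated return value.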