about summary refs log tree commit diff
diff options
context:
space:
mode:
authorSamuel Thibault <samuel.thibault@ens-lyon.org>2016-09-22 02:43:39 +0200
committerSamuel Thibault <samuel.thibault@ens-lyon.org>2016-09-22 02:43:39 +0200
commit444eacba82f675d4657ad55da67b355536be90ab (patch)
treea717e57ed96af770fa5903758b2c046bf8c7eb11
parente67f54ab1a6253dd69cb2c770d785c7eb6d2172c (diff)
downloadglibc-444eacba82f675d4657ad55da67b355536be90ab.tar.gz
glibc-444eacba82f675d4657ad55da67b355536be90ab.tar.xz
glibc-444eacba82f675d4657ad55da67b355536be90ab.zip
hurd: Fix stack pointer corruption in syscall
Thanks Justus Winter for the report.

	* sysdeps/mach/i386/syscall.S (syscall): Push back syscall number.
-rw-r--r--ChangeLog1
-rw-r--r--sysdeps/mach/i386/syscall.S3
2 files changed, 4 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index b2add6a3e3..abd699536b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,7 @@
 	_hurd_malloc_fork_prepare after that. Call _hurd_malloc_fork_parent
 	before __malloc_fork_unlock_parent and _hurd_malloc_fork_child before
 	__malloc_fork_unlock_child.
+	* sysdeps/mach/i386/syscall.S (syscall): Push back syscall number.
 
 2016-09-21  James Greenhalgh  <james.greenhalgh@arm.com>
 
diff --git a/sysdeps/mach/i386/syscall.S b/sysdeps/mach/i386/syscall.S
index adb7716948..643cddc9ba 100644
--- a/sysdeps/mach/i386/syscall.S
+++ b/sysdeps/mach/i386/syscall.S
@@ -22,5 +22,8 @@ ENTRY (syscall)
 	popl %eax		/* Pop syscall number into %eax.  */
 	pushl %ecx		/* Push back return address.  */
 	.byte 0x9a, 0, 0, 0, 0, 7, 0 /* lcall $7, $0 -- gas bug */
+	popl %ecx		/* Pop return address into %ecx.  */
+	pushl $0		/* Push back dumb syscall number.  */
+	pushl %ecx		/* Push back return address.  */
 	ret
 END (syscall)