diff options
| author | H.J. Lu <hjl.tools@gmail.com> | 2019-02-04 06:31:01 -0800 |
|---|---|---|
| committer | H.J. Lu <hjl.tools@gmail.com> | 2019-02-04 06:31:13 -0800 |
| commit | 3f635fb43389b54f682fc9ed2acc0b2aaf4a923d (patch) | |
| tree | b157161b8ab3dd20e7304706c6cf8ecd6a91164b /ChangeLog | |
| parent | 2ab5741b8a96d02eb89e455b1971a19e7aef67bc (diff) | |
| download | glibc-3f635fb43389b54f682fc9ed2acc0b2aaf4a923d.tar.gz glibc-3f635fb43389b54f682fc9ed2acc0b2aaf4a923d.tar.xz glibc-3f635fb43389b54f682fc9ed2acc0b2aaf4a923d.zip | |
x86-64 memcmp: Use unsigned Jcc instructions on size [BZ #24155]
Since the size argument is unsigned. we should use unsigned Jcc instructions, instead of signed, to check size. Tested on x86-64 and x32, with and without --disable-multi-arch. [BZ #24155] CVE-2019-7309 * NEWS: Updated for CVE-2019-7309. * sysdeps/x86_64/memcmp.S: Use RDX_LP for size. Clear the upper 32 bits of RDX register for x32. Use unsigned Jcc instructions, instead of signed. * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memcmp-2. * sysdeps/x86_64/x32/tst-size_t-memcmp-2.c: New test.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index 29bc4451ef..a0dcdac323 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,14 @@ +2019-02-04 H.J. Lu <hongjiu.lu@intel.com> + + [BZ #24155] + CVE-2019-7309 + * NEWS: Updated for CVE-2019-7309. + * sysdeps/x86_64/memcmp.S: Use RDX_LP for size. Clear the + upper 32 bits of RDX register for x32. Use unsigned Jcc + instructions, instead of signed. + * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memcmp-2. + * sysdeps/x86_64/x32/tst-size_t-memcmp-2.c: New test. + 2019-02-04 Florian Weimer <fweimer@redhat.com> * posix/spawn.h (posix_spawn, posix_spawnp): Add __nonnull attribute. |