diff options
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | string/test-memchr.c | 9 | ||||
| -rw-r--r-- | sysdeps/x86_64/memchr.S | 6 |
3 files changed, 18 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog index f090910793..297205c8af 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2016-12-27 Adhemerval Zanella <adhemerval.zanella@linaro.org> + + [BZ# 19387] + * sysdeps/x86_64/memchr.S (memchr): Avoid overflow in pointer + addition. + * string/test-memchr.c (do_test): Remove alignment limitation. + (test_main): Add test that trigger BZ# 19387. + 2016-12-26 Nick Alcock <nick.alcock@oracle.com> [BZ #7065] diff --git a/string/test-memchr.c b/string/test-memchr.c index 0690cb4530..10d696a84e 100644 --- a/string/test-memchr.c +++ b/string/test-memchr.c @@ -76,7 +76,6 @@ do_test (size_t align, size_t pos, size_t len, size_t n, int seek_char) size_t i; CHAR *result; - align &= 7; if ((align + len) * sizeof (CHAR) >= page_size) return; @@ -194,12 +193,12 @@ test_main (void) do_test (i, 64, 256, SIZE_MAX, 0); } - for (i = 1; i < 16; ++i) + for (i = 1; i < 64; ++i) { - for (j = 1; j < 16; j++) + for (j = 1; j < 64; j++) { - do_test (0, 16 - j, 16, SIZE_MAX, 23); - do_test (i, 16 - j, 16, SIZE_MAX, 23); + do_test (0, 64 - j, 64, SIZE_MAX, 23); + do_test (i, 64 - j, 64, SIZE_MAX, 23); } } diff --git a/sysdeps/x86_64/memchr.S b/sysdeps/x86_64/memchr.S index 132eacba8f..1e34568039 100644 --- a/sysdeps/x86_64/memchr.S +++ b/sysdeps/x86_64/memchr.S @@ -76,7 +76,13 @@ L(crosscache): .p2align 4 L(unaligned_no_match): + /* Calculate the last acceptable address and check for possible + addition overflow by using satured math: + rdx = rcx + rdx + rdx |= -(rdx < rcx) */ add %rcx, %rdx + sbb %rax, %rax + or %rax, %rdx sub $16, %rdx jbe L(return_null) add $16, %rdi |