From 213a2be7b4f08aba6d2e863106fa6c6b123f2360 Mon Sep 17 00:00:00 2001
From: Torvald Riegel <triegel@redhat.com>
Date: Fri, 3 Jul 2015 20:35:26 +0200
Subject: Do not create invalid pointers in C code of string functions.

Some of the x86 string functions create pointers based on input strings
that may be outside of the input strings.  When this happens in C code,
the compiler can potentially detect this, leading to warnings in
application code when those string functions are inlined.  Perform those
operations in the assembly code instead of the C code to fix this.
---
 sysdeps/x86/bits/string.h | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

(limited to 'sysdeps')

diff --git a/sysdeps/x86/bits/string.h b/sysdeps/x86/bits/string.h
index a117f6be1f..4973620b83 100644
--- a/sysdeps/x86/bits/string.h
+++ b/sysdeps/x86/bits/string.h
@@ -176,13 +176,15 @@ __memmove_g (void *__dest, const void *__src, size_t __n)
 	 "m" ( *(struct { __extension__ char __x[__n]; } *)__src));
   else
     __asm__ __volatile__
-      ("std\n\t"
+      ("decl %1\n\t"
+       "decl %2\n\t"
+       "std\n\t"
        "rep; movsb\n\t"
        "cld"
        : "=&c" (__d0), "=&S" (__d1), "=&D" (__d2),
 	 "=m" ( *(struct { __extension__ char __x[__n]; } *)__dest)
-       : "0" (__n), "1" (__n - 1 + (const char *) __src),
-	 "2" (__n - 1 + (char *) __tmp),
+       : "0" (__n), "1" (__n + (const char *) __src),
+	 "2" (__n + (char *) __tmp),
 	 "m" ( *(struct { __extension__ char __x[__n]; } *)__src));
   return __dest;
 }
@@ -999,9 +1001,10 @@ __strcat_c (char *__dest, const char __src[], size_t __srclen)
      : "cc");
   --__tmp;
 # else
-  register char *__tmp = __dest - 1;
+  register char *__tmp = __dest;
   __asm__ __volatile__
-    ("1:\n\t"
+    ("decl	%0\n\t"
+     "1:\n\t"
      "incl	%0\n\t"
      "cmpb	$0,(%0)\n\t"
      "jne	1b\n"
@@ -1020,10 +1023,11 @@ __STRING_INLINE char *__strcat_g (char *__dest, const char *__src);
 __STRING_INLINE char *
 __strcat_g (char *__dest, const char *__src)
 {
-  register char *__tmp = __dest - 1;
+  register char *__tmp = __dest;
   register char __dummy;
   __asm__ __volatile__
-    ("1:\n\t"
+    ("decl	%1\n\t"
+     "1:\n\t"
      "incl	%1\n\t"
      "cmpb	$0,(%1)\n\t"
      "jne	1b\n"
-- 
cgit 1.4.1