| Message ID | 71f695945d1079b8f49f60bd0cfc59e0f3c2adfc.1666877952.git.szabolcs.nagy@arm.com |
|---|---|
| State | Committed |
| Commit | 3fa20d59d9607e4494dfbc99bacee1935ec5ded9 |
| Headers |
Return-Path: <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
by sourceware.org (Postfix) with ESMTP id 68BCB38AA26C
for <patchwork@sourceware.org>; Thu, 27 Oct 2022 15:34:48 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 68BCB38AA26C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
s=default; t=1666884889;
bh=SKkhqAucc6MbCHdkpGZFlKybQRZfe5t09toOmkh2HKw=;
h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe:
List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
From;
b=L3/xC7293lX3K/Qcps/gVQRVH4qgWLUwuHzRWHP00Mzc6nwKgQ9bjfh5zVn4vrZex
4XcOCZpe4p0lUJgtViffPD3uq601j22vFFkVV0QZZB6YNupyAflRJHU+jJbzk+Xjkl
/gPK5yO/Q8ni+MOpNEYknNLOFVzUfCcZ8pce7cHc=
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from EUR04-DB3-obe.outbound.protection.outlook.com
(mail-eopbgr60060.outbound.protection.outlook.com [40.107.6.60])
by sourceware.org (Postfix) with ESMTPS id 6AA103887006
for <libc-alpha@sourceware.org>; Thu, 27 Oct 2022 15:32:52 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 6AA103887006
ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass;
b=TnA6xo1DdstQQxloutsrsOuJlwKyLP23ls6ppfKTnl906XdnkZ2F478JGxwZs7kgrEO0h1PL3mfwXWnd7C+a83s/AoX7TPfm95GP/S+ysJsqVCgMo+6sWoMDpt3kYIG+t7MDrm8iaM1mrpaeAh1Q9zkgJTRf2mg4Z8/ROBkpsipZVIhtvfmL5/uHPTbXquoMr9zL6mzbkmrFUR59ub2MuKFrNSuX9WFr3qvVlGZi7LJpxGov8vz7s1zXPzFwui/2TP+lgO1SB6Xyfjtd/XTLX5hducTkpU6a6m/pOIVDyTrfBCkMzpp9YKslDoK+BQswrfSUPkRKIOkARPDeYeuT7Q==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=SKkhqAucc6MbCHdkpGZFlKybQRZfe5t09toOmkh2HKw=;
b=PG1PvbozwNQU48oQrjpR0WvdMJkka6JgVYQv/78gxgsbf4j56pRziRilw36B2PM0rUF7JBrm5P7PCrkUUYJBq4KSFlSPwY9FANkQPM/UGRBWyep4nndaD7dY6/X6LUpgBglLLJAUwl5JZNb9/h5xzNZNYw/gOtekHknJl5qYmQsLcZl/su8ezl1vO2ZpKDe1JYX/aT0Wx6Wwe8dY4EEKMhn0rIx8cPZArGsK0mb3OF3FwQ1qOyPmzZHrFswIw64WWY1iDJGqX41ShTMVVYN5icyIQoHyDZDPkkVf6RxDBrU95hF0NhKhDF8RIzka0k6JSceurt39vKeqZAyQFgu8lA==
ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is
63.35.35.123) smtp.rcpttodomain=sourceware.org smtp.mailfrom=arm.com;
dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com;
dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0
oda=1 ltdi=1 spf=[1, 1, smtp.mailfrom=arm.com] dmarc=[1, 1,
header.from=arm.com])
Received: from AM6P195CA0100.EURP195.PROD.OUTLOOK.COM (2603:10a6:209:86::41)
by DU0PR08MB7664.eurprd08.prod.outlook.com (2603:10a6:10:315::5) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.28; Thu, 27 Oct
2022 15:32:50 +0000
Received: from AM7EUR03FT032.eop-EUR03.prod.protection.outlook.com
(2603:10a6:209:86:cafe::a1) by AM6P195CA0100.outlook.office365.com
(2603:10a6:209:86::41) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.29 via Frontend
Transport; Thu, 27 Oct 2022 15:32:50 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123)
smtp.mailfrom=arm.com; dkim=pass (signature was verified)
header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates
63.35.35.123 as permitted sender) receiver=protection.outlook.com;
client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
pr=C
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by
AM7EUR03FT032.mail.protection.outlook.com (100.127.140.65) with
Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.5746.16 via Frontend Transport; Thu, 27 Oct 2022 15:32:49 +0000
Received: ("Tessian outbound b4aebcc5bc64:v130");
Thu, 27 Oct 2022 15:32:49 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: ab5dfa45457aa00e
X-CR-MTA-TID: 64aa7808
Received: from 9125101db377.1
by 64aa7808-outbound-1.mta.getcheckrecipient.com id
8783DF65-18F9-427B-AB52-4450B66D848B.1;
Thu, 27 Oct 2022 15:32:42 +0000
Received: from EUR05-VI1-obe.outbound.protection.outlook.com
by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id
9125101db377.1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384);
Thu, 27 Oct 2022 15:32:42 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=gerDGiZQi8KURRvHVR3JVpEyNus9uFzJB8G5uTPlgUBBpLNjttdta1TAb0f0qaMRdbeSJDHF/PBDPII3u22Y06sVpUO+7qHstPUlzy+M+3h6/m0Z58tVea486D5BwmiXjCXuLzY7IL9dVXHj0f6ybAx9DdxtE4jJS9A+3Il9SBUXIbQVlWJuronVr0TT15YcpEZInAheLlBI5KS4EBT2cehhGkmVYDfYH1ZBdURlJtLNKAKWSDTqnrqy292qM8QcrwKWaRNm79HTBssTSfMKx1zakCza4oyAnpmbyF8L25SYa8sYWZLbus4ksu4LFIlsMdJwr/8HMlu5+tdciW7kMA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=SKkhqAucc6MbCHdkpGZFlKybQRZfe5t09toOmkh2HKw=;
b=Hj6zdK9G8TbgyLaWiM2Hw+1amK7V4o2r+9OQVGpezrUXKlS4CQ9vuH+kkwr+oUFa6oT517+kdhr5qS7nguXP9eo2QKiXF8tZOoEWBjll2ZRH8UbEySzkq//u6r8CLeTMmyIK9h1Y3pJARwy1ZQiApY3aOv4XBSkqOlg1D0MA7jJHH1Immb4RJZVH1Z9Fv4cZeBNPGHgYBF7/2Vctx4a7dGC09UiQvg33sojhR4w14BjqreB0u4xfVJ7VP4+8ie8+KIm78X1k1EpgYLA8C3u4AQRueN8FVQBk5F+O2+fvYzJ1gNcRvt9GsLnkF+Sr+gJ93e7fFHHTrBbQFJG7WeBz5g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
40.67.248.234) smtp.rcpttodomain=sourceware.org smtp.mailfrom=arm.com;
dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com;
dkim=none (message not signed); arc=none
Received: from DB8P191CA0002.EURP191.PROD.OUTLOOK.COM (2603:10a6:10:130::12)
by AM9PR08MB6115.eurprd08.prod.outlook.com (2603:10a6:20b:2df::14) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.28; Thu, 27 Oct
2022 15:32:37 +0000
Received: from DBAEUR03FT046.eop-EUR03.prod.protection.outlook.com
(2603:10a6:10:130:cafe::a2) by DB8P191CA0002.outlook.office365.com
(2603:10a6:10:130::12) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.29 via Frontend
Transport; Thu, 27 Oct 2022 15:32:37 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234)
smtp.mailfrom=arm.com; dkim=none (message not signed)
header.d=none;dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates
40.67.248.234 as permitted sender) receiver=protection.outlook.com;
client-ip=40.67.248.234; helo=nebula.arm.com; pr=C
Received: from nebula.arm.com (40.67.248.234) by
DBAEUR03FT046.mail.protection.outlook.com (100.127.142.67) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.20.5723.20 via Frontend Transport; Thu, 27 Oct 2022 15:32:37 +0000
Received: from AZ-NEU-EX03.Arm.com (10.251.24.31) by AZ-NEU-EX03.Arm.com
(10.251.24.31) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.12; Thu, 27 Oct
2022 15:32:37 +0000
Received: from armchair.cambridge.arm.com (10.2.80.71) by mail.arm.com
(10.251.24.31) with Microsoft SMTP Server id 15.1.2507.12 via Frontend
Transport; Thu, 27 Oct 2022 15:32:36 +0000
To: <libc-alpha@sourceware.org>
Subject: [PATCH 06/20] Fix invalid pointer dereference in wcpcpy_chk
Date: Thu, 27 Oct 2022 16:32:36 +0100
Message-ID:
<71f695945d1079b8f49f60bd0cfc59e0f3c2adfc.1666877952.git.szabolcs.nagy@arm.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1666877952.git.szabolcs.nagy@arm.com>
References: <cover.1666877952.git.szabolcs.nagy@arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-EOPAttributedMessage: 1
X-MS-TrafficTypeDiagnostic:
DBAEUR03FT046:EE_|AM9PR08MB6115:EE_|AM7EUR03FT032:EE_|DU0PR08MB7664:EE_
X-MS-Office365-Filtering-Correlation-Id: ae3f3e21-0228-4599-1223-08dab83081aa
x-checkrecipientrouted: true
NoDisclaimer: true
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original:
BWyugvGH9sQwDD2vdOqLNoOE9qEzBE5Lmjy/K8E06N0OFjmCNp2GQFb5c5mwzPVIgwVPxD/DgME524ySpvNzk8DIw0/XPfchKatZb42vM3bD7EMXsG+Zklhfm5+4jnqVbCKf2OzPsDuCozlCLBl+fxGf7pbi8Mc0wJh9aqHnpZAKqN6pjxnSRBBUpCk3VmkBtk0bYWqdDM0vzx+Hmrz2CoKfRJhAVDtYIwEqPMMIUFmthxLhjgMckD2gzjxxQSBhmQbcuTJLI/UZ7emer63VaDuJ77r72kCGsh5jTXtOTm9W745MYKoD1Q4AwsaUG6/9bAV4HMxAix+MPdMdLbCbM1dw1/YTtCaDtkxloQq2zqcYeHkcM0qtCxLfNO7vPAjerNsoxO/Kxy3Gi8CcakdwTGcaortpwZPvqEPKlXAXGerrKXBwVG5QBDEo205myySrWDA6XkFlIiFB+KeZ1/MZMRihedT94B2tECmtNSXv2josa46LMQFFCqlfnEWNXVmE17qZuZcOsPIIZT6779ZECAz7xOshH/MyLJ9kbbjiCB83tckg1qMKfoUNGnJAWI3L6ryGLLmRSeT7y4doNRDFpgS1aTP+Z5z1YU76n+kzZSOh3L0VsBNokyTQ0Btp4xh3T8uant88UM9Loeh41/BJ7NgZGUsvOPO+RWTbAlDT8EO7ESPukznEtu2tDgU7RWmuGeee5cU+A5UYSEqv1aQ9mBbOdl63xBbN9eViAW6PZK9sKDJ1ZOw/H6HglFiv0ZjX/abMlPZHYO/XOY3/IYxNcEGTWfbPwIM3wR9+U2RXjUd4wUKTIXmf4CtbinOgTJCP
X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234; CTRY:IE; LANG:en;
SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:nebula.arm.com; PTR:InfoDomainNonexistent;
CAT:NONE;
SFS:(13230022)(4636009)(39860400002)(376002)(136003)(396003)(346002)(451199015)(36840700001)(40470700004)(46966006)(36756003)(86362001)(356005)(81166007)(82740400003)(36860700001)(5660300002)(2906002)(47076005)(426003)(44832011)(83380400001)(40460700003)(40480700001)(4744005)(8936002)(336012)(26005)(2616005)(186003)(7696005)(82310400005)(6916009)(8676002)(70206006)(478600001)(41300700001)(70586007)(316002)(36900700001);
DIR:OUT; SFP:1101;
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR08MB6115
X-MS-Exchange-Transport-CrossTenantHeadersStripped:
AM7EUR03FT032.eop-EUR03.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs:
4568e8b1-e690-4057-9579-08dab8307a2a
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
9VxUozO0W5mDHiLpvAoHbn9FJh4qhXYFeMJ50nPeKCxNC1cx2DWY+Y+epfh+iW9LDVrU6Z2L6NtXgHJn7j/7HbinYRd8B6078UsiLzY/vbAm9Zozg3ww7GXjGsyYZPgq5IjbxgOzKnEEHb/HtZKCwY59SReNgz6HWetCRri9ZKrpW1+OlFrIbiArxlAIj4PECQgrjvQmFcmz6yHLMJbG6c/v2MWE8V6SlqSMZ7RAdg6XoFqs7T3QJwJ1B0Frld8Qb2G3Pvu7Vp1hTw5aeL5YlPOfwMpL/eUdTi6dZZAwY9okkgMKSGSV80luo1HV5bbfM9kU7zBLxvYDaJ3h/byCGV4VivrXQL7BBR88GkYiDwsOC9gtYGhUpaPoBPByo5rSGv8AWqvriCT1Fxz2IAt0l+2NOxZF58hNMR8/849/5pXwo5Wyp61O7Y82aIwW9VfiWEoC8MPZNVi0xfFUA93PSdp/PAALDnzaedy9Ny4rginzYTAtKT9Rz5lgrjpn/t1uPHv+kzyQCz3cqlzQNJyXfUDbymhyb2zxAj9Tto3ald49NhWJGIKOcvujPUHaaNtIl+PiEwfp0sLK3f7w2XNsl5nDF2cyT9JAwMWJH3dcIrso2Ge/Phry5fRSwo/ClJdPT5rETT94lA8hdaTTnW8ZvWQ7/SumcPeS/pKsxDUe1W/9tve7gRk1Rf5Hq/AFzGXrjhj+MM3OuCbXVyvZoy8BWGj6stI2IUslIslAnU0y+G/R9nQSaqjYZ4yWwgG4eXw9GDJGhGnrtb5Kb8gqpWJGAA==
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:;
IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com;
PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE;
SFS:(13230022)(4636009)(376002)(136003)(39860400002)(396003)(346002)(451199015)(46966006)(36840700001)(40470700004)(8936002)(81166007)(426003)(82740400003)(41300700001)(47076005)(26005)(36860700001)(83380400001)(336012)(2906002)(36756003)(4744005)(2616005)(186003)(40460700003)(82310400005)(5660300002)(44832011)(316002)(478600001)(40480700001)(70206006)(70586007)(86362001)(7696005)(6916009)(8676002);
DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Oct 2022 15:32:49.9225 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id:
ae3f3e21-0228-4599-1223-08dab83081aa
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp:
TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123];
Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource:
AM7EUR03FT032.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR08MB7664
X-Spam-Status: No, score=-11.9 required=5.0 tests=BAYES_00, DKIM_SIGNED,
DKIM_VALID, FORGED_SPF_HELO, GIT_PATCH_0, KAM_DMARC_NONE, RCVD_IN_DNSWL_NONE,
RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, SPF_NONE, TXREP,
UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
<mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
<mailto:libc-alpha-request@sourceware.org?subject=subscribe>
From: Szabolcs Nagy via Libc-alpha <libc-alpha@sourceware.org>
Reply-To: Szabolcs Nagy <szabolcs.nagy@arm.com>
Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org
Sender: "Libc-alpha"
<libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>
|
| Series |
patches from the morello port
|
|
Checks
| Context | Check | Description |
|---|---|---|
| dj/TryBot-apply_patch | success | Patch applied to master at the time it was sent |
Commit Message
Szabolcs Nagy
Oct. 27, 2022, 3:32 p.m. UTC
The src pointer is const and points to a different object, so accessing dest via src is invalid. --- debug/wcpcpy_chk.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
Comments
* Szabolcs Nagy via Libc-alpha: > The src pointer is const and points to a different object, so accessing > dest via src is invalid. > --- > debug/wcpcpy_chk.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/debug/wcpcpy_chk.c b/debug/wcpcpy_chk.c > index bc2be43c3e..d44fb479d0 100644 > --- a/debug/wcpcpy_chk.c > +++ b/debug/wcpcpy_chk.c > @@ -28,13 +28,12 @@ __wcpcpy_chk (wchar_t *dest, const wchar_t *src, size_t destlen) > { > wchar_t *wcp = (wchar_t *) dest - 1; > wint_t c; > - const ptrdiff_t off = src - dest + 1; > > do > { > if (__glibc_unlikely (destlen-- == 0)) > __chk_fail (); > - c = wcp[off]; > + c = *src++; > *++wcp = c; > } > while (c != L'\0'); Looks reasonable. Reviewed-by: Florian Weimer <fweimer@redhat.com> Thanks, Florian
diff --git a/debug/wcpcpy_chk.c b/debug/wcpcpy_chk.c index bc2be43c3e..d44fb479d0 100644 --- a/debug/wcpcpy_chk.c +++ b/debug/wcpcpy_chk.c @@ -28,13 +28,12 @@ __wcpcpy_chk (wchar_t *dest, const wchar_t *src, size_t destlen) { wchar_t *wcp = (wchar_t *) dest - 1; wint_t c; - const ptrdiff_t off = src - dest + 1; do { if (__glibc_unlikely (destlen-- == 0)) __chk_fail (); - c = wcp[off]; + c = *src++; *++wcp = c; } while (c != L'\0');