Date: Fri, 25 Dec 2015 21:57:34 +0100
From: Markus Wichmann <nullplan@....net>
To: musl@...ts.openwall.com
Subject: Patch: Negative stack pointer references

Hi all,

I found a few instances in musl where negative stack pointer offsets were used in the handwritten assembly. That is problematic, because if a signal arrives and is handled during the time that scratch space is in use (unlikely but possible), and sigaltstack() is not used, then that scratch space will be overwritten.

This was just something I saw while randomly reading the code. Also, I only searched for the error pattern using a regex, so the problem may persist with (possibly) negative nonconstant offsets to the stack pointer, use of the same space with another register as base, or use of a negative constant offset my regex failed to match. I searched for

-\d\+(%[er]sp)
-0[xX]\x\+(%[er]sp)

in all .s, .c, and .h files.

Also, the problem may exist in architectures other than AMD64 or x32.

I'm not a subscriber, so please CC me in this thread.

Ciao,
Markus

View attachment "0033-Remove-negative-constant-stack-pointer-offsets.patch" of type "text/x-diff" (3847 bytes)
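
A scanner for the search described in the message above, as an added example that is not part of the original post or of musl: it folds the two quoted vim-style regexes into one Python pattern and reports constant negative offsets from %rsp/%esp in AT&T-syntax source. The function names, the '#' comment stripping and the sample assembly are assumptions constructed for illustration; like the original search, it does not see nonconstant offsets or accesses made through another base register.

```python
import re

# Python form of the two vim-style patterns quoted in the message:
#   -\d\+(%[er]sp)   and   -0[xX]\x\+(%[er]sp)
NEG_SP_OFFSET = re.compile(r"-(0[xX][0-9a-fA-F]+|\d+)\(%([er]sp)\)")

# Constructed sample in AT&T syntax (not musl source).
SAMPLE = """\
.global demo
demo:
    mov %rdi,-8(%rsp)
    fldcw -0x10(%rsp)
    mov 8(%rsp),%rax
    lea -16(%rbp),%rcx
    movl %eax,-4(%esp)
    ret                 # -24(%rsp) inside a comment is ignored
"""


def parse_offset(token):
    """Return the signed value of a matched decimal or 0x-prefixed hex token.

    A leading-zero token is read as decimal here, not as octal."""
    base = 16 if token[:2].lower() == "0x" else 10
    return -int(token, base)


def find_negative_sp_offsets(text):
    """Return (line_number, register, offset) for each negative constant
    offset applied to %rsp or %esp. Text after '#' is dropped first, an
    assumption that fits GNU as line comments on x86."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        code = line.split("#", 1)[0]
        for m in NEG_SP_OFFSET.finditer(code):
            hits.append((lineno, m.group(2), parse_offset(m.group(1))))
    return hits


if __name__ == "__main__":
    for lineno, reg, off in find_negative_sp_offsets(SAMPLE):
        print(f"line {lineno}: {off}(%{reg}) is below the stack pointer")
```
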