tequilaOS/platform_bionic
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_bionic/libc/arch-arm
History
Christopher Ferris fdfcfce7c6 Fix over read in strcpy/stpcpy/strcat. 
This bug will happen when these circumstances are met:

- Destination address & 0x7 == 1, strlen of src is 11, 12, 13.
- Destination address & 0x7 == 2, strlen of src is 10, 11, 12.
- Destination address & 0x7 == 3, strlen of src is 9, 10, 11.
- Destination address & 0x7 == 4, strlen of src is 8, 9, 10.

In these cases, the dest alignment code does a ldr which reads 4 bytes,
and it will read past the end of the source. In most cases, this is
probably benign, but if this crosses into a new page it could cause a
crash.

Fix the labels in the cortex-a9 strcat.

Modify the overread test to vary the dst alignment to expost this bug.
Also, shrink the strcat/strlcat overread cases since the dst alignment
variation increases the runtime too much.

Bug: 24345899
Change-Id: Ib34a559bfcebd89861985b29cae6c1e47b5b5855
2015-09-24 14:17:36 -07:00
..
bionic Implement setjmp cookies on ARM. 2015-09-17 14:07:24 -07:00
cortex-a7 Add optimized cortex-a7/cortex-a53 memset/memcpy. 2015-08-17 13:02:03 -07:00
cortex-a8 libc/arm: add cortex-a8 cpu variant 2013-05-15 20:13:28 -07:00
cortex-a9 Fix over read in strcpy/stpcpy/strcat. 2015-09-24 14:17:36 -07:00
cortex-a15 Fix over read in strcpy/stpcpy/strcat. 2015-09-24 14:17:36 -07:00
cortex-a53 Add optimized cortex-a7/cortex-a53 memset/memcpy. 2015-08-17 13:02:03 -07:00
denver Move the generic arm memcmp.S into the generic directory. 2014-12-15 11:06:34 -08:00
generic Replace bx lr with update of pc from the stack. 2015-07-08 11:20:27 -07:00
include/machine Add ARM_IRELATIVE relocation 2015-01-08 22:22:27 -08:00
krait Remove pushes from memsets (krait/cortex-a9). 2015-07-27 14:07:37 -07:00
syscalls Add preadv/pwritev. 2015-08-26 14:48:55 -07:00
arm.mk Add exported __popcount_tab for libgcc compat under compiler-rt. 2015-08-24 13:06:10 -07:00