diff options
author | Carlos O'Donell <carlos@redhat.com> | 2013-09-23 00:52:09 -0400 |
---|---|---|
committer | Carlos O'Donell <carlos@redhat.com> | 2013-09-23 00:52:09 -0400 |
commit | c61b4d41c9647a54a329aa021341c0eb032b793e (patch) | |
tree | c4a665c232a7d37786a6f3b5e3f56d0ae11480e8 /ports | |
parent | 58a96064d193317236b740998e134b652d3d62ad (diff) | |
download | glibc-c61b4d41c9647a54a329aa021341c0eb032b793e.tar glibc-c61b4d41c9647a54a329aa021341c0eb032b793e.tar.gz glibc-c61b4d41c9647a54a329aa021341c0eb032b793e.tar.bz2 glibc-c61b4d41c9647a54a329aa021341c0eb032b793e.zip |
BZ #15754: CVE-2013-4788
The pointer guard used for pointer mangling was not initialized for
static applications resulting in the security feature being disabled.
The pointer guard is now correctly initialized to a random value for
static applications. Existing static applications need to be
recompiled to take advantage of the fix.
The test tst-ptrguard1-static and tst-ptrguard1 add regression
coverage to ensure the pointer guards are sufficiently random
and initialized to a default value.
Diffstat (limited to 'ports')
-rw-r--r-- | ports/ChangeLog.ia64 | 5 | ||||
-rw-r--r-- | ports/ChangeLog.tile | 5 | ||||
-rw-r--r-- | ports/sysdeps/ia64/stackguard-macros.h | 3 | ||||
-rw-r--r-- | ports/sysdeps/tile/stackguard-macros.h | 6 |
4 files changed, 19 insertions, 0 deletions
diff --git a/ports/ChangeLog.ia64 b/ports/ChangeLog.ia64 index efe352e6bb..272f73a1b3 100644 --- a/ports/ChangeLog.ia64 +++ b/ports/ChangeLog.ia64 @@ -1,3 +1,8 @@ +2013-09-22 Carlos O'Donell <carlos@redhat.com> + + [BZ #15754] + * sysdeps/ia64/stackguard-macros.h: Define POINTER_CHK_GUARD. + 2013-08-30 Ondřej Bílka <neleai@seznam.cz> * sysdeps/ia64/fpu/libm_reduce.S: Fix typos. diff --git a/ports/ChangeLog.tile b/ports/ChangeLog.tile index 79d15b464c..dc2e7e412d 100644 --- a/ports/ChangeLog.tile +++ b/ports/ChangeLog.tile @@ -1,3 +1,8 @@ +2013-09-22 Carlos O'Donell <carlos@redhat.com> + + [BZ #15754] + * sysdeps/tile/stackguard-macros.h: Define POINTER_CHK_GUARD. + 2013-09-20 Andreas Schwab <schwab@linux-m68k.org> * sysdeps/tile/ffs.c (__ffs): Define as hidden. diff --git a/ports/sysdeps/ia64/stackguard-macros.h b/ports/sysdeps/ia64/stackguard-macros.h index dc683c28c5..390729327a 100644 --- a/ports/sysdeps/ia64/stackguard-macros.h +++ b/ports/sysdeps/ia64/stackguard-macros.h @@ -2,3 +2,6 @@ #define STACK_CHK_GUARD \ ({ uintptr_t x; asm ("adds %0 = -8, r13;; ld8 %0 = [%0]" : "=r" (x)); x; }) + +#define POINTER_CHK_GUARD \ + ({ uintptr_t x; asm ("adds %0 = -16, r13;; ld8 %0 = [%0]" : "=r" (x)); x; }) diff --git a/ports/sysdeps/tile/stackguard-macros.h b/ports/sysdeps/tile/stackguard-macros.h index 589ea2b0d8..f2e041b99b 100644 --- a/ports/sysdeps/tile/stackguard-macros.h +++ b/ports/sysdeps/tile/stackguard-macros.h @@ -4,11 +4,17 @@ # if __WORDSIZE == 64 # define STACK_CHK_GUARD \ ({ uintptr_t x; asm ("addi %0, tp, -16; ld %0, %0" : "=r" (x)); x; }) +# define POINTER_CHK_GUARD \ + ({ uintptr_t x; asm ("addi %0, tp, -24; ld %0, %0" : "=r" (x)); x; }) # else # define STACK_CHK_GUARD \ ({ uintptr_t x; asm ("addi %0, tp, -8; ld4s %0, %0" : "=r" (x)); x; }) +# define POINTER_CHK_GUARD \ + ({ uintptr_t x; asm ("addi %0, tp, -12; ld4s %0, %0" : "=r" (x)); x; }) # endif #else # define STACK_CHK_GUARD \ ({ uintptr_t x; asm ("addi %0, tp, -8; lw %0, %0" : "=r" (x)); x; }) +# define POINTER_CHK_GUARD \ + ({ uintptr_t x; asm ("addi %0, tp, -12; lw %0, %0" : "=r" (x)); x; }) #endif |