aboutsummaryrefslogtreecommitdiff
path: root/sysdeps/s390
diff options
context:
space:
mode:
authorStefan Liebler <stli@linux.ibm.com>2021-06-29 11:37:28 +0200
committerStefan Liebler <stli@linux.ibm.com>2021-07-01 16:46:59 +0200
commit7c45df18e1c524775a88c1e6fc7eac0049b3de83 (patch)
tree0dac930cc98dd8ecaffd9e11e2bf5d4130241ad8 /sysdeps/s390
parentba436665b1c9e8bcef76947a4b59706bc64ceead (diff)
downloadglibc-7c45df18e1c524775a88c1e6fc7eac0049b3de83.tar
glibc-7c45df18e1c524775a88c1e6fc7eac0049b3de83.tar.gz
glibc-7c45df18e1c524775a88c1e6fc7eac0049b3de83.tar.bz2
glibc-7c45df18e1c524775a88c1e6fc7eac0049b3de83.zip
s390: Fix MEMCHR_Z900_G5 ifunc-variant if n>=0x80000000 [BZ #28024]
On s390 (31bit), the pointer to the first byte after s always wraps around with n >= 0x80000000 and can lead to stop searching before end of s. Thus this patch just use NULL as byte after s in this case and the srst instruction stops searching with "not found" when wrapping around from top address to zero. This is observable with testcase string/test-memchr starting with commit "String: Add overflow tests for strnlen, memchr, and strncat [BZ #27974]" https://sourceware.org/git/?p=glibc.git;a=commit;h=da5a6fba0febbfc90896ce1b2eb75c6d8a88a72d
Diffstat (limited to 'sysdeps/s390')
-rw-r--r--sysdeps/s390/memchr-z900.S13
1 files changed, 13 insertions, 0 deletions
diff --git a/sysdeps/s390/memchr-z900.S b/sysdeps/s390/memchr-z900.S
index 90b8a32dd6..72fd9e023f 100644
--- a/sysdeps/s390/memchr-z900.S
+++ b/sysdeps/s390/memchr-z900.S
@@ -44,12 +44,25 @@ ENTRY(MEMCHR_Z900_G5)
LGHI %r0,0xff
NGR %r0,%r3
LGR %r1,%r2
+# if ! defined __s390x__
+ tmlh %r4,32768
+ jo 3f /* Jump away if n >= 0x80000000 */
+# endif
la %r2,0(%r4,%r1)
0: srst %r2,%r1
jo 0b
brc 13,1f
SLGR %r2,%r2
1: br %r14
+# if ! defined __s390x__
+ /* On s390 (31bit), the pointer to the first byte after s (stored in
+ r2) always wraps around with n >= 0x80000000 and can lead to stop
+ searching before end of s. Thus just use r2=0 in this case.
+ If r2 < r1, the srst instruction stops searching with cc=2 "not
+ found" when wrapping around from top address to zero. */
+3: SLGR %r2,%r2
+ j 0b
+# endif
END(MEMCHR_Z900_G5)
# if ! HAVE_MEMCHR_IFUNC