gnu/packages/patches/glibc-CVE-2019-7309.patch

   1 Fix <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7309>.
   2
   3 Taken from this upstream commit, sans ChangeLog updates and tests:
   4 <https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=3f635fb43389b54f682fc9ed2acc0b2aaf4a923d>.
   5
   6 diff --git a/sysdeps/x86_64/memcmp.S b/sysdeps/x86_64/memcmp.S
   7 index 1fc487caa5..1322bb3b92 100644
   8 --- a/sysdeps/x86_64/memcmp.S
   9 +++ b/sysdeps/x86_64/memcmp.S
  10 @@ -21,14 +21,18 @@
  11
  12         .text
  13  ENTRY (memcmp)
  14 -       test    %rdx, %rdx
  15 +#ifdef __ILP32__
  16 +       /* Clear the upper 32 bits.  */
  17 +       movl    %edx, %edx
  18 +#endif
  19 +       test    %RDX_LP, %RDX_LP
  20         jz      L(finz)
  21         cmpq    $1, %rdx
  22 -       jle     L(finr1b)
  23 +       jbe     L(finr1b)
  24         subq    %rdi, %rsi
  25         movq    %rdx, %r10
  26         cmpq    $32, %r10
  27 -       jge     L(gt32)
  28 +       jae     L(gt32)
  29         /* Handle small chunks and last block of less than 32 bytes.  */
  30  L(small):
  31         testq   $1, %r10
  32 @@ -156,7 +160,7 @@ L(A32):
  33         movq    %r11, %r10
  34         andq    $-32, %r10
  35         cmpq    %r10, %rdi
  36 -        jge    L(mt16)
  37 +        jae    L(mt16)
  38         /* Pre-unroll to be ready for unrolled 64B loop.  */
  39         testq   $32, %rdi
  40         jz      L(A64)
  41 @@ -178,7 +182,7 @@ L(A64):
  42         movq    %r11, %r10
  43         andq    $-64, %r10
  44         cmpq    %r10, %rdi
  45 -        jge    L(mt32)
  46 +        jae    L(mt32)
  47
  48  L(A64main):
  49         movdqu    (%rdi,%rsi), %xmm0
  50 @@ -216,7 +220,7 @@ L(mt32):
  51         movq    %r11, %r10
  52         andq    $-32, %r10
  53         cmpq    %r10, %rdi
  54 -        jge    L(mt16)
  55 +        jae    L(mt16)
  56
  57  L(A32main):
  58         movdqu    (%rdi,%rsi), %xmm0
  59 @@ -254,7 +258,7 @@ L(ATR):
  60         movq    %r11, %r10
  61         andq    $-32, %r10
  62         cmpq    %r10, %rdi
  63 -        jge    L(mt16)
  64 +        jae    L(mt16)
  65         testq   $16, %rdi
  66         jz      L(ATR32)
  67
  68 @@ -325,7 +329,7 @@ L(ATR64main):
  69         movq    %r11, %r10
  70         andq    $-32, %r10
  71         cmpq    %r10, %rdi
  72 -        jge    L(mt16)
  73 +        jae    L(mt16)
  74
  75  L(ATR32res):
  76         movdqa    (%rdi,%rsi), %xmm0