From: Florian Weimer
To: "H.J. Lu"
Cc: GNU C Library
Subject: Re: [PATCH 0/8] x86-64: Properly handle the length parameter [BZ# 24097]
References: <20190117165351.25914-1-hjl.tools@gmail.com> <87bm4ep7df.fsf@oldenburg2.str.redhat.com>
Date: Fri, 18 Jan 2019 20:56:35 +0100
In-Reply-To: (H. J. Lu's message of "Fri, 18 Jan 2019 05:14:26 -0800")
Message-ID: <87r2d9loy4.fsf@oldenburg2.str.redhat.com>

* H. J. Lu:

> On Fri, Jan 18, 2019 at 2:50 AM Florian Weimer wrote:
>>
>> * H. J. Lu:
>>
>> > On x32, the size_t parameter may be passed in the lower 32 bits of a
>> > 64-bit register with the non-zero upper 32 bits. The string/memory
>> > functions written in assembly can only use the lower 32 bits of a
>> > 64-bit register as length or must clear the upper 32 bits before using
>> > the full 64-bit register for length.
>> >
>> > This patch fixes string/memory functions written in assembly for x32.
>> > Tested on x86-64 and x32. On x86-64, libc.so is the same with and
>> > without the fix.
>>
>> Can this bug result in buffer overflows? Should we obtain a CVE
>
> Yes, definitely.
>
>> identifier?
>>
>
> Yes, please. Can you do that for me?

Done, MITRE gave us CVE-2019-6488. Please reference this in the
ChangeLog and the commit message if you have not done so. Please also
add a short NEWS entry in the security section.

Thanks.
Florian
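
An added illustration, not part of the original message or of the glibc patch: a C model of the failure mode described in the quoted cover letter, where a routine uses the full 64-bit register as its length on x32 instead of only the lower 32 bits. The arena contents and the names `x32_length_register` and `model_scan` are hypothetical, constructed for this example; the real routines are written in assembly.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: the caller owns only the first 8 bytes; the rest of the
   arena stands in for adjacent memory the callee must never touch. */
#define CALLER_LEN 8u
static const unsigned char arena[32] = "AAAAAAAA" "adjacent-data-X";

/* An x32 caller sets only the low 32 bits of the argument register; the upper
   32 bits keep whatever an earlier computation left there. */
static uint64_t x32_length_register(uint32_t len, uint32_t stale_upper)
{
    return ((uint64_t)stale_upper << 32) | len;
}

/* Model of a length-bounded byte scan written against a 64-bit register.
   clear_upper=0 uses the full register as the length (the bug);
   clear_upper=1 zero-extends the low 32 bits first (the fix).
   The scan is clamped to the arena so the demonstration itself stays in
   bounds. Returns the offset of the first match, or -1. */
static long model_scan(int c, uint64_t len_reg, int clear_upper)
{
    uint64_t len = clear_upper ? (uint64_t)(uint32_t)len_reg : len_reg;
    uint64_t limit = len < sizeof arena ? len : sizeof arena;
    for (uint64_t i = 0; i < limit; i++)
        if (arena[i] == (unsigned char)c)
            return (long)i;
    return -1;
}

int main(void)
{
    uint64_t reg = x32_length_register(CALLER_LEN, 0xdeadbeefu);
    long buggy = model_scan('X', reg, 0);
    long fixed = model_scan('X', reg, 1);
    printf("length register  = 0x%016llx\n", (unsigned long long)reg);
    printf("full register    -> match at %ld (caller passed %u bytes)\n",
           buggy, CALLER_LEN);
    printf("low 32 bits only -> match at %ld\n", fixed);
    return 0;
}
```

With the full register as the length, the scan reports a match past the 8 bytes the caller passed; with the upper half cleared it stays inside them.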