From: Florian Weimer
To: "H.J. Lu"
Cc: GNU C Library
Subject: Re: [PATCH 0/8] x86-64: Properly handle the length parameter [BZ# 24097]
Date: Fri, 18 Jan 2019 14:31:30 +0100

* H. J. Lu:

> On Fri, Jan 18, 2019 at 2:50 AM Florian Weimer wrote:
>>
>> * H. J. Lu:
>>
>> > On x32, the size_t parameter may be passed in the lower 32 bits of a
>> > 64-bit register with the non-zero upper 32 bits. The string/memory
>> > functions written in assembly can only use the lower 32 bits of a
>> > 64-bit register as length or must clear the upper 32 bits before using
>> > the full 64-bit register for length.
>> >
>> > This patch fixes string/memory functions written in assembly for x32.
>> > Tested on x86-64 and x32. On x86-64, libc.so is the same with and
>> > without the fix.
>>
>> Can this bug result in buffer overflows? Should we obtain a CVE
>
> Yes, definitely.

Yuck.

>> identifier?
>>
>
> Yes, please. Can you do that for me?

Working on it. The issue existed since the port was introduced, correct?

Thanks,
Florian
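Added illustration, not part of the mailing-list message and not glibc code: a C model of the length handling described in the quoted cover letter, showing how a 32-bit size_t that arrives in a 64-bit register with non-zero upper bits turns into an oversized length unless only the lower 32 bits are used. The memchr-style scan, the function names and the sample values are assumptions made for the example; the scan is bounded by the array size so the model itself stays in bounds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model of a length argument as an x32 callee sees it: size_t is 32 bits
   wide, but it arrives in a 64-bit register whose upper half is not
   guaranteed to be zero. */
static uint64_t reg_with_garbage(uint32_t n, uint32_t upper_garbage)
{
    return ((uint64_t)upper_garbage << 32) | n;
}

/* Length as read by code that uses the full 64-bit register. */
static uint64_t len_full_register(uint64_t reg) { return reg; }

/* Length as read by code that uses only the lower 32 bits. */
static uint64_t len_low32(uint64_t reg) { return (uint32_t)reg; }

/* memchr-style scan over len bytes. arena_size caps the scan so this
   model never leaves the array. Returns the match offset, or -1. */
static long scan(const unsigned char *arena, size_t arena_size,
                 uint64_t len, unsigned char needle)
{
    uint64_t limit = len < arena_size ? len : arena_size;
    for (uint64_t i = 0; i < limit; i++)
        if (arena[i] == needle)
            return (long)i;
    return -1;
}

/* Constructed sample: the caller asks for 8 bytes, the needle sits at
   offset 12, and the register carries 1 in its upper half. */
static long demo(int use_low32)
{
    unsigned char arena[32] = {0};
    arena[12] = 'X';
    uint64_t reg = reg_with_garbage(8, 1);
    uint64_t len = use_low32 ? len_low32(reg) : len_full_register(reg);
    return scan(arena, sizeof arena, len, 'X');
}

int main(void)
{
    printf("full 64-bit register: offset %ld\n", demo(0));
    printf("lower 32 bits only:   offset %ld\n", demo(1));
    return 0;
}
```

The full-register variant reports a match past the 8 bytes the caller requested, which is the out-of-bounds access the thread is concerned with; the lower-32-bit variant stops at the requested length.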