Brad Bishop | 37a0e4d | 2017-12-04 01:01:44 -0500 | [diff] [blame^] | 1 | glibc-2.24: Fix CVE-2016-6323 |
| 2 | |
| 3 | [No upstream tracking] -- https://sourceware.org/bugzilla/show_bug.cgi?id=20435 |
| 4 | |
| 5 | arm: mark __startcontext as .cantunwind, GNU |
| 6 | |
| 7 | Glibc bug where the makecontext function would create |
| 8 | an execution context which is incompatible with the unwinder, |
| 9 | causing it to hang when the generation of a backtrace is attempted. |
| 10 | |
| 11 | Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617] |
| 12 | CVE: CVE-2016-6323 |
| 13 | Signed-off-by: Andrej Valek <andrej.valek@siemens.com> |
| 14 | Signed-off-by: Pascal Bach <pascal.bach@siemens.com> |
| 15 | |
| 16 | diff --git a/sysdeps/unix/sysv/linux/arm/setcontext.S b/sysdeps/unix/sysv/linux/arm/setcontext.S |
| 17 | index 603e508..d1f168f 100644 |
| 18 | --- a/sysdeps/unix/sysv/linux/arm/setcontext.S |
| 19 | +++ b/sysdeps/unix/sysv/linux/arm/setcontext.S |
| 20 | @@ -86,12 +86,19 @@ weak_alias(__setcontext, setcontext) |
| 21 | |
| 22 | /* Called when a makecontext() context returns. Start the |
| 23 | context in R4 or fall through to exit(). */ |
| 24 | + /* Unwind descriptors are looked up based on PC - 2, so we have to |
| 25 | + make sure to mark the instruction preceding the __startcontext |
| 26 | + label as .cantunwind. */ |
| 27 | + .fnstart |
| 28 | + .cantunwind |
| 29 | + nop |
| 30 | ENTRY(__startcontext) |
| 31 | movs r0, r4 |
| 32 | bne PLTJMP(__setcontext) |
| 33 | |
| 34 | @ New context was 0 - exit |
| 35 | b PLTJMP(HIDDEN_JUMPTARGET(exit)) |
| 36 | + .fnend |
| 37 | END(__startcontext) |
| 38 | |
| 39 | #ifdef PIC |