Author: jhb Date: Tue Apr 21 17:40:23 2020 New Revision: 360169 URL: https://svnweb.freebsd.org/changeset/base/360169
Log: Check the magic value in longjmp() before calling sigprocmask(). This avoids passing garbage to sigprocmask() if the jump buffer is invalid. Reviewed by: mhorne Obtained from: CheriBSD Sponsored by: DARPA Differential Revision: https://reviews.freebsd.org/D24483 Modified: head/lib/libc/riscv/gen/setjmp.S Modified: head/lib/libc/riscv/gen/setjmp.S ============================================================================== --- head/lib/libc/riscv/gen/setjmp.S Tue Apr 21 17:38:07 2020 (r360168) +++ head/lib/libc/riscv/gen/setjmp.S Tue Apr 21 17:40:23 2020 (r360169) @@ -100,6 +100,11 @@ ENTRY(setjmp) END(setjmp) ENTRY(longjmp) + /* Check the magic value */ + ld t0, 0(a0) + ld t1, .Lmagic + bne t0, t1, botch + addi sp, sp, -(4 * 8) sd a0, (0 * 8)(sp) sd ra, (1 * 8)(sp) @@ -115,11 +120,6 @@ ENTRY(longjmp) ld ra, (1 * 8)(sp) ld a0, (0 * 8)(sp) addi sp, sp, (4 * 8) - - /* Check the magic value */ - ld t0, 0(a0) - ld t1, .Lmagic - bne t0, t1, botch /* Restore the stack pointer */ ld t0, 8(a0) _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
