From patchwork Mon Jul 29 11:00:32 2013
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 18626
From: Peter Maydell
To: qemu-devel@nongnu.org
Cc: patches@linaro.org, Riku Voipio, Alexander Graf, qemu-ppc@nongnu.org, Anthony Liguori
Subject: [PATCH for-1.6 2/2] linux-user/signal.c: Avoid using uninitialized data in ARM sigreturn
Date: Mon, 29 Jul 2013 12:00:32 +0100
Message-Id: <1375095632-13735-3-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 1.7.10.4
In-Reply-To: <1375095632-13735-1-git-send-email-peter.maydell@linaro.org>
References: <1375095632-13735-1-git-send-email-peter.maydell@linaro.org>

Rephrase code used in ARM sigreturn functions to avoid using uninitialized variables.

This fixes one genuine problem ('frame' would not be initialized if we took the error-exit path because our stack pointer was misaligned) and one which is clang being alarmist (frame_addr wouldn't be initialized, though this is harmless since unlock_user_struct ignores its second argument in these cases; however since we don't generally make use of this not-really-documented effect it's better avoided).

Signed-off-by: Peter Maydell
---
 linux-user/signal.c | 36 ++++++++++++++++++++----------------
 1 file changed, 20 insertions(+), 16 deletions(-)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index d63777d..23d65da 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -1552,7 +1552,7 @@ restore_sigcontext(CPUARMState *env, struct target_sigcontext *sc) static long do_sigreturn_v1(CPUARMState *env) { abi_ulong frame_addr; - struct sigframe_v1 *frame; + struct sigframe_v1 *frame = NULL; target_sigset_t set; sigset_t host_set; int i; @@ -1562,10 +1562,11 @@ static long do_sigreturn_v1(CPUARMState *env) * then 'sp' should be word aligned here. If it's * not, then the user is trying to mess with us. */ - if (env->regs[13] & 7) - goto badframe; - frame_addr = env->regs[13]; + if (frame_addr & 7) { + goto badframe; + } + if (!lock_user_struct(VERIFY_READ, frame, frame_addr, 1)) goto badframe; @@ -1693,17 +1694,18 @@ static int do_sigframe_return_v2(CPUARMState *env, target_ulong frame_addr, static long do_sigreturn_v2(CPUARMState *env) { abi_ulong frame_addr; - struct sigframe_v2 *frame; + struct sigframe_v2 *frame = NULL; /* * Since we stacked the signal on a 64-bit boundary, * then 'sp' should be word aligned here. If it's * not, then the user is trying to mess with us. */ - if (env->regs[13] & 7) - goto badframe; - frame_addr = env->regs[13]; + if (frame_addr & 7) { + goto badframe; + } + if (!lock_user_struct(VERIFY_READ, frame, frame_addr, 1)) goto badframe; @@ -1731,7 +1733,7 @@ long do_sigreturn(CPUARMState *env) static long do_rt_sigreturn_v1(CPUARMState *env) { abi_ulong frame_addr; - struct rt_sigframe_v1 *frame; + struct rt_sigframe_v1 *frame = NULL; sigset_t host_set; /* @@ -1739,10 +1741,11 @@ static long do_rt_sigreturn_v1(CPUARMState *env) * then 'sp' should be word aligned here. If it's * not, then the user is trying to mess with us. */ - if (env->regs[13] & 7) - goto badframe; - frame_addr = env->regs[13]; + if (frame_addr & 7) { + goto badframe; + } + if (!lock_user_struct(VERIFY_READ, frame, frame_addr, 1)) goto badframe; 
@@ -1772,17 +1775,18 @@ badframe: static long do_rt_sigreturn_v2(CPUARMState *env) { abi_ulong frame_addr; - struct rt_sigframe_v2 *frame; + struct rt_sigframe_v2 *frame = NULL; /* * Since we stacked the signal on a 64-bit boundary, * then 'sp' should be word aligned here. If it's * not, then the user is trying to mess with us. */ - if (env->regs[13] & 7) - goto badframe; - frame_addr = env->regs[13]; + if (frame_addr & 7) { + goto badframe; + } + if (!lock_user_struct(VERIFY_READ, frame, frame_addr, 1)) goto badframe;
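Review bot: The `= NULL` initializer in the `struct sigframe_v1 *frame = NULL;` hunk at -1552 (and its three twins at -1693, -1731 and -1772) exists only so that the badframe exit has a defined pointer to pass to unlock_user_struct when lock_user_struct was never reached, which the cover text explains but the diff itself does not. Consider a short comment at the declaration, e.g. `struct sigframe_v1 *frame = NULL; /* stays NULL until lock_user_struct() succeeds; the badframe path depends on this */`, so a later cleanup does not drop the initializer as redundant and silently reintroduce the uninitialized-pointer bug the commit message describes.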
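Review bot: In the -1562 hunk the rewritten `if (frame_addr & 7) { goto badframe; }` still tests 8-byte alignment while the unchanged comment directly above it says 'sp' should be "word aligned", which on ARM reads as 4-byte; since the patch is already rewriting these lines, changing the comment to say 8-byte (64-bit) aligned would make it agree with both the check and the "64-bit boundary" sentence in the same comment. Minor style point in the same hunk: the new `if` is braced, but the adjacent context line `if (!lock_user_struct(VERIFY_READ, frame, frame_addr, 1)) goto badframe;` is not; acceptable to leave as-is for a for-1.6 fix, but worth a follow-up so the two checks read consistently.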
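Review bot: The -1775 hunk in do_rt_sigreturn_v2 is the fourth verbatim copy of the same alignment-check rewrite (do_sigreturn_v1, do_sigreturn_v2, do_rt_sigreturn_v1 and here), each followed by the identical `lock_user_struct(VERIFY_READ, frame, frame_addr, 1)` call. That is fine for a targeted release fix, but a follow-up that factors the "read sp, check alignment, lock frame" preamble into one helper would mean the next correction to this check only has to be made once rather than in four places.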