On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.
This pach fixes memrchr for x32. Tested on x86-64 and x32. On x86-64,
libc.so is the same with and withou the fix.
[BZ# 24097]
CVE-2019-6488
* sysdeps/x86_64/memrchr.S: Use RDX_LP for length.
* sysdeps/x86_64/multiarch/memrchr-avx2.S: Likewise.
* sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memrchr.
* sysdeps/x86_64/x32/tst-size_t-memrchr.c: New file.
By x86-64 specification, 32-bit destination registers are zero-extended
to 64 bits. There is no need to use 64-bit registers when only the lower
32 bits are non-zero. Also 2 instructions in:
mov %rdi, %rcx
and $15, %rcx
jz L(length_less16_offset0)
mov %rdi, %rcx <<< redundant
and $15, %rcx <<< redundant
are redundant.
* sysdeps/x86_64/memrchr.S (__memrchr): Use 32-bit registers for
the lower 32 bits. Remove redundant instructions.
On x86_64, memrchr (not a standard function) is defined as a strong
symbol, instead of a weak alias of __memrchr as on other
architectures. This results in linknamespace test failures from the
use of __memrchr from dirname. (Not a conformance issue because of
the mem* reservation, but contrary to glibc conventions.) This patch
makes x86_64 follow other architectures by defining memrchr as a weak
alias.
Tested for x86_64 (testsuite, and that disassembly of installed shared
libraries is unchanged by the patch).
[BZ #17719]
* sysdeps/x86_64/memrchr.S (memrchr): Rename to __memrchr and
define as weak alias of __memrchr.
(__memrchr): Do not define as strong alias of memrchr.
* conform/Makefile (test-xfail-XPG4/libgen.h/linknamespace):
Remove variable.
(test-xfail-UNIX98/libgen.h/linknamespace): Likewise.
(test-xfail-XOPEN2K/libgen.h/linknamespace): Likewise.
(test-xfail-XOPEN2K8/libgen.h/linknamespace): Likewise.
