git: 0d12f495d8d9 - main - rtld-elf: Use clear pointer provenance when updating DTV pointer
Date: Wed, 07 May 2025 19:22:12 UTC
The branch main has been updated by jrtc27:
URL: https://cgit.FreeBSD.org/src/commit/?id=0d12f495d8d9442352afa9dfc59a0b078c7b2852
commit 0d12f495d8d9442352afa9dfc59a0b078c7b2852
Author: Jessica Clarke <jrtc27@FreeBSD.org>
AuthorDate: 2025-05-07 19:20:20 +0000
Commit: Jessica Clarke <jrtc27@FreeBSD.org>
CommitDate: 2025-05-07 19:20:20 +0000
rtld-elf: Use clear pointer provenance when updating DTV pointer
On traditional architectures where uintptr_t is just a plain integer,
there is no provenance from the order of operations. However, on CHERI
there is even for uintptr_t, and in future this code will use actual
pointer types anyway, where the provenance does technically matter even
for non-CHERI. Commute and associate the operands appropriately to
ensure the provenance is for the new allocation, not the old one.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D50230
---
libexec/rtld-elf/rtld.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 44347e482c64..cd564daa94a6 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -5472,8 +5472,8 @@ allocate_tls(Obj_Entry *objs, void *oldtcb, size_t tcbsize, size_t tcbalign)
for (i = 0; i < dtv[1]; i++) {
if (dtv[i + 2] >= (uintptr_t)oldtcb &&
dtv[i + 2] < (uintptr_t)oldtcb + tls_static_space) {
- dtv[i + 2] = dtv[i + 2] - (uintptr_t)oldtcb +
- (uintptr_t)tcb;
+ dtv[i + 2] = (uintptr_t)((char *)tcb +
+ ((char *)dtv[i + 2] - (char *)oldtcb));
}
}
} else {
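Review bot: the new assignment `dtv[i + 2] = (uintptr_t)((char *)tcb + ...` only achieves its purpose if `tcb` stays the base operand, yet nothing in the code records that. A short comment above the assignment, stating that the offset is taken relative to `oldtcb` and then applied to `tcb` so the result derives from the new allocation, would keep a later cleanup from folding it back into the arithmetically equivalent `dtv[i + 2] - (uintptr_t)oldtcb + (uintptr_t)tcb` form that this change removes. The offset `(char *)dtv[i + 2] - (char *)oldtcb` is also only meaningful because of the enclosing range check against `oldtcb` and `tls_static_space`, which the comment could note too.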