Date: Tue, 25 Jan 2022 01:40:14 GMT
Message-Id: <202201250140.20P1eE9j048257@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Jessica Clarke
Subject: git: 5d10ed57e655 - stable/13 - libc: Fix "harmless" iconv one-byte overread
List-Id: Commits to the stable branches of the FreeBSD src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
X-Git-Committer: jrtc27
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 5d10ed57e655a2d5923f243955291da219c07a42

The branch stable/13 has been updated by jrtc27:

URL:
https://cgit.FreeBSD.org/src/commit/?id=5d10ed57e655a2d5923f243955291da219c07a42 commit 5d10ed57e655a2d5923f243955291da219c07a42 Author: Jessica Clarke AuthorDate: 2021-12-21 22:47:38 +0000 Commit: Jessica Clarke CommitDate: 2022-01-24 23:59:47 +0000 libc: Fix "harmless" iconv one-byte overread Checking there are still bytes left must be done before dereferencing the pointer, not the other way round. This is harmless on traditional architectures since the result will immediately be thrown away, and all callers are in separate translation units so there is no potential for optimising based on this out-of-bounds read. However, on CHERI, pointers are bounded, and so this will trap if fed a string that does not have a NUL within the first len bytes. Found by: CHERI Reviewed by: brooks (cherry picked from commit 6d5297569e70eb71eeb7ae5278a165d4ffb50874) --- lib/libc/iconv/citrus_bcs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libc/iconv/citrus_bcs.c b/lib/libc/iconv/citrus_bcs.c index b8484a0d793e..cd88ea7fe2fd 100644 --- a/lib/libc/iconv/citrus_bcs.c +++ b/lib/libc/iconv/citrus_bcs.c @@ -109,7 +109,7 @@ const char * _citrus_bcs_skip_ws_len(const char * __restrict p, size_t * __restrict len) { - while (*p && *len > 0 && _bcs_isspace(*p)) { + while (*len > 0 && *p && _bcs_isspace(*p)) { p++; (*len)--; } @@ -124,7 +124,7 @@ const char * _citrus_bcs_skip_nonws_len(const char * __restrict p, size_t * __restrict len) { - while (*p && *len > 0 && !_bcs_isspace(*p)) { + while (*len > 0 && *p && !_bcs_isspace(*p)) { p++; (*len)--; }
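Review bot: In the first hunk (_citrus_bcs_skip_ws_len), memory safety now rests entirely on the operand order of the loop condition, and nothing in the code says so. A one-line comment above the `while` stating that `*len > 0` must be tested before `*p` is dereferenced, because p may point just past a buffer that has no NUL in its first len bytes, would keep a later tidy-up from swapping the operands back. The commit message explains this well, but the next person to edit the function will be reading the source, not the log.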
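Review bot: The second hunk (_citrus_bcs_skip_nonws_len) carries the same reordering with no regression test, and the commit message notes that the overread is silent on traditional architectures and was only caught because CHERI traps. Consider adding a test that passes a buffer holding exactly len non-space bytes with no terminating NUL, run under a bounds-checking environment such as a sanitizer build or a buffer placed at the end of a mapping, so the loop is shown to stop on `*len > 0` without reading the byte at p. The same test shape with all-whitespace input would cover the first hunk.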