ia64: Fix memchr for large input sizes (BZ #22603)

Current optimized ia64 memchr uses a strategy to check for last address by adding the input one with expected size. However it does not take care for possible overflow. It was triggered by 3038145ca2 where default rawmemchr now uses memchr (p, c, (size_t)-1). This patch fixes it by implement a satured addition where overflows sets the maximum pointer size to UINTPTR_MAX. Checked on ia64-linux-gnu where it fixes both stratcliff and test-rawmemchr failures. Adhemerval Zanella <adhemerval.zanella@linaro.org> James Clarke <jrtc27@jrtc27.com> [BZ #22603] * sysdeps/ia64/memchr.S (__memchr): Avoid overflow in pointer addition.
2017-12-14 09:05:46 -02:00 · 2017-12-14 09:05:46 -02:00 · 3bb1ef58b9
parent 554e3d51ef
commit 3bb1ef58b9
2 changed files with 11 additions and 0 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
+2017-12-19  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
+	    James Clarke <jrtc27@jrtc27.com>
+
+	[BZ #22603]
+	* sysdeps/ia64/memchr.S (__memchr): Avoid overflow in pointer
+	addition.
+
 2017-12-19  Adhemerval Zanella  <adhemerval.zanella@linaro.org>

 	[BZ #22605]
--- a/sysdeps/ia64/memchr.S
+++ b/sysdeps/ia64/memchr.S
@ -67,6 +67,10 @@ ENTRY(__memchr)
 	.body
 	mov	ret0 = str
 	add	last = str, in2		// last byte
+	;;
+	cmp.ltu	p6, p0 = last, str
+	;;
+(p6)	mov	last = -1
 	and	tmp = 7, str		// tmp = str % 8
 	cmp.ne	p7, p0 = r0, r0		// clear p7
 	extr.u	chr = in1, 0, 8		// chr = (unsigned char) in1