From 5e61abf740015f31ed8f3ef1646d295257b03af3 Mon Sep 17 00:00:00 2001
From: John Baldwin
Date: Tue, 21 Apr 2020 17:40:23 +0000
Subject: [PATCH] Check the magic value in longjmp() before calling sigprocmask().
This avoids passing garbage to sigprocmask() if the jump buffer is invalid.
Reviewed by: mhorne
Obtained from: CheriBSD
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D24483
---
 lib/libc/riscv/gen/setjmp.S | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lib/libc/riscv/gen/setjmp.S b/lib/libc/riscv/gen/setjmp.S
index e9c4ec356bb..c0458e907ce 100644
--- a/lib/libc/riscv/gen/setjmp.S
+++ b/lib/libc/riscv/gen/setjmp.S
@@ -100,6 +100,11 @@ ENTRY(setjmp)
 END(setjmp)
 ENTRY(longjmp)
+ /* Check the magic value */
+ ld t0, 0(a0)
+ ld t1, .Lmagic
+ bne t0, t1, botch
+
 addi sp, sp, -(4 * 8)
 sd a0, (0 * 8)(sp)
 sd ra, (1 * 8)(sp)
@@ -116,11 +121,6 @@ ENTRY(longjmp)
 ld a0, (0 * 8)(sp)
 addi sp, sp, (4 * 8)
- /* Check the magic value */
- ld t0, 0(a0)
- ld t1, .Lmagic
- bne t0, t1, botch
-
 /* Restore the stack pointer */
 ld t0, 8(a0)
 mv sp, t0
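Review bot: The comment on the relocated check in the first hunk, `/* Check the magic value */`, does not record why the check has to sit ahead of the stack-frame setup, so a later cleanup could move it back below the sigprocmask() call. I would word it as `/* Check the magic value before the buffer is used for anything, including the sigprocmask() call below */`. It may also be worth saying there that the comparison is against the value loaded from `.Lmagic`, which appears to be a fixed constant, so the check catches an uninitialised or accidentally clobbered jmp_buf rather than one whose contents were deliberately overwritten. The sigprocmask() call and the `botch` target are outside the hunk, so this rests on the commit message and the visible lines only.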