242ba2e20b
[ Upstream commit c0e824661f443b8cab3897006c1bbc69fd0e7bc4 ]

memset() description in ISO/IEC 9899:1999 (and elsewhere) says:

    The memset function copies the value of c (converted to an
    unsigned char) into each of the first n characters of the
    object pointed to by s.

The kernel's arm32 memset does not cast c to unsigned char. This results
in the following code to produce erroneous output:

    char a[128];
    memset(a, -128, sizeof(a));

This is because gcc will generally emit the following code before
it calls memset() :

    mov r0, r7
    mvn r1, #127 ; 0x7f
    bl 00000000 <memset>

r1 ends up with 0xffffff80 before being used by memset() and the
'a' array will have -128 once in every four bytes while the other
bytes will be set incorrectly to -1 like this (printing the first
8 bytes) :

    test_module: -128 -1 -1 -1
    test_module: -1 -1 -1 -128

The change here is to 'and' r1 with 255 before it is used.
Fixes:
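
A simplified C model of the failure described in the commit message, added here as an illustration and not taken from the kernel source. It assumes the fill pattern is built by OR-ing the register with shifted copies of itself and stored as little-endian words, and it ignores alignment handling; `splat`, `model_memset` and `count_wrong` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Build the 32-bit fill pattern (assumed model, not kernel code). */
uint32_t splat(uint32_t r1)
{
    r1 |= r1 << 8;
    r1 |= r1 << 16;
    return r1;
}

/* mask_c = 0 models the pre-fix behaviour; mask_c = 1 applies the fix
 * from the commit message ('and' r1 with 255 before it is used). */
void *model_memset(void *s, int c, size_t n, int mask_c)
{
    unsigned char *p = s;
    uint32_t r1 = (uint32_t)c;          /* -128 arrives as 0xffffff80 */
    if (mask_c)
        r1 &= 255;
    uint32_t word = splat(r1);
    for (; n >= 4; n -= 4, p += 4) {    /* little-endian word store */
        p[0] = (unsigned char)word;
        p[1] = (unsigned char)(word >> 8);
        p[2] = (unsigned char)(word >> 16);
        p[3] = (unsigned char)(word >> 24);
    }
    while (n--)                         /* tail: byte stores truncate */
        *p++ = (unsigned char)r1;
    return s;
}

/* Bytes that differ from what ISO C requires: (unsigned char)c. */
size_t count_wrong(const unsigned char *buf, size_t n, int c)
{
    size_t wrong = 0;
    for (size_t i = 0; i < n; i++)
        wrong += buf[i] != (unsigned char)c;
    return wrong;
}

int main(void)
{
    unsigned char a[128];               /* constructed test buffer */
    for (int fixed = 0; fixed <= 1; fixed++) {
        model_memset(a, -128, sizeof(a), fixed);
        printf("fixed=%d wrong=%zu\n", fixed, count_wrong(a, sizeof(a), -128));
    }
}
```

Any caller that relies on memset() to clear or poison a buffer with a negative fill value is affected by the unmasked path, since three of every four bytes in the word-filled region do not hold the requested value.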