Date:      Thu, 23 Jul 2020 21:33:10 +0000 (UTC)
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r363459 - head/sys/riscv/riscv
Message-ID:  <202007232133.06NLXAWM083356@repo.freebsd.org>

Author: jhb
Date: Thu Jul 23 21:33:10 2020
New Revision: 363459
URL: https://svnweb.freebsd.org/changeset/base/363459

Log:
  Pass the right size to memcpy() when copying the array of FP registers.
  
  The size of the containing structure was passed instead of the size of
  the array.  This happened to be harmless as the extra word copied is
  one we copy in the next line anyway.
  
  Reported by:	CHERI (bounds check violation)
  Reviewed by:	brooks, imp
  Obtained from:	CheriBSD
  MFC after:	1 week
  Sponsored by:	DARPA
  Differential Revision:	https://reviews.freebsd.org/D25791

Modified:
  head/sys/riscv/riscv/machdep.c

Modified: head/sys/riscv/riscv/machdep.c
==============================================================================
--- head/sys/riscv/riscv/machdep.c	Thu Jul 23 20:08:42 2020	(r363458)
+++ head/sys/riscv/riscv/machdep.c	Thu Jul 23 21:33:10 2020	(r363459)
@@ -419,7 +419,7 @@ get_fpcontext(struct thread *td, mcontext_t *mcp)
 		KASSERT((curpcb->pcb_fpflags & ~PCB_FP_USERMASK) == 0,
 		    ("Non-userspace FPE flags set in get_fpcontext"));
 		memcpy(mcp->mc_fpregs.fp_x, curpcb->pcb_x,
-		    sizeof(mcp->mc_fpregs));
+		    sizeof(mcp->mc_fpregs.fp_x));
 		mcp->mc_fpregs.fp_fcsr = curpcb->pcb_fcsr;
 		mcp->mc_fpregs.fp_flags = curpcb->pcb_fpflags;
 		mcp->mc_flags |= _MC_FP_VALID;
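
Review bot: the new memcpy() length in get_fpcontext is sizeof(mcp->mc_fpregs.fp_x), the destination array, while the source is curpcb->pcb_x, and nothing in the visible lines ties the two array sizes together. The copy is only in bounds on both sides if they match, so consider a compile-time check next to it, for example CTASSERT(sizeof(mcp->mc_fpregs.fp_x) == sizeof(curpcb->pcb_x)), so a later change to either structure fails the build instead of reintroducing an out-of-bounds read or write of the kind the log message describes.
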
@@ -446,7 +446,7 @@ set_fpcontext(struct thread *td, mcontext_t *mcp)
 		curpcb = curthread->td_pcb;
 		/* FPE usage is enabled, override registers. */
 		memcpy(curpcb->pcb_x, mcp->mc_fpregs.fp_x,
-		    sizeof(mcp->mc_fpregs));
+		    sizeof(mcp->mc_fpregs.fp_x));
 		curpcb->pcb_fcsr = mcp->mc_fpregs.fp_fcsr;
 		curpcb->pcb_fpflags = mcp->mc_fpregs.fp_flags & PCB_FP_USERMASK;
 		td->td_frame->tf_sstatus |= SSTATUS_FS_CLEAN;
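
Review bot: in set_fpcontext the memcpy() writes into curpcb->pcb_x but the length is still taken from the source, sizeof(mcp->mc_fpregs.fp_x). Sizing the copy by the destination, sizeof(curpcb->pcb_x), would bound the write into the pcb by the object actually being written, and it mirrors the get_fpcontext hunk, where the length already comes from the destination array. If the source-sized form is kept for symmetry, a compile-time assertion that the two arrays have the same size would document why it is safe.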


