From: Theodore Dubois
Date: Sun, 30 Aug 2020 17:34:09 -0700
To: musl@lists.openwall.com
Message-Id: <3C00D395-838B-4DB0-99FC-3947F1BCF054@icloud.com>
Subject: [musl] i386 __set_thread_area will crash if the syscall fails

Found a (small) bug in this file:
https://git.musl-libc.org/cgit/musl/tree/src/thread/i386/__set_thread_area.s

If the syscall fails, the branch on line 20 is taken and %eax will be a small negative number. Then "mov $123,%al" will make syscall 0xffffff7b instead of 0x7b, since overwriting %al only overwrites the low byte of %eax. So the modify_ldt fallback has apparently never worked.

Tangentially, I'm not sure why this file has so many hardcoded magic numbers and no comments to explain what they are.

~Theodore
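
The partial-register write described in the message above, modeled in C as an added example (not part of the original message or of musl's code). The helper names, the sample errno 38 (ENOSYS) and the full-width `mov $123,%eax` contrast are assumptions made for illustration; the model relies on the Linux convention that a failed syscall returns -errno, a value in [-4095, -1].

```c
#include <stdint.h>
#include <stdio.h>

#define SYS_MODIFY_LDT 123u /* 0x7b, the syscall number the message says was intended */

/* Model of "mov $imm8,%al": only bits 0-7 of EAX change, bits 8-31 are kept. */
static uint32_t mov_imm_al(uint32_t eax, uint8_t imm)
{
    return (eax & 0xffffff00u) | imm;
}

/* Model of "mov $imm32,%eax": the whole register is replaced (assumed contrast). */
static uint32_t mov_imm_eax(uint32_t eax, uint32_t imm)
{
    (void)eax;
    return imm;
}

/* EAX after a failed Linux syscall: -errno as a 32-bit two's-complement value. */
static uint32_t failed_syscall_eax(int err)
{
    return (uint32_t)-err;
}

/* Count the errno values for which the byte-wide move still yields 0x7b. */
static int count_working_fallbacks(void)
{
    int ok = 0;
    for (int err = 1; err <= 4095; err++)
        if (mov_imm_al(failed_syscall_eax(err), SYS_MODIFY_LDT) == SYS_MODIFY_LDT)
            ok++;
    return ok;
}

int main(void)
{
    uint32_t eax = failed_syscall_eax(38); /* constructed sample: -ENOSYS */

    printf("after failed syscall: eax = 0x%08x\n", (unsigned)eax);
    printf("mov $123,%%al  -> 0x%08x\n", (unsigned)mov_imm_al(eax, SYS_MODIFY_LDT));
    printf("mov $123,%%eax -> 0x%08x\n", (unsigned)mov_imm_eax(eax, SYS_MODIFY_LDT));
    printf("errno values where the %%al form yields 0x7b: %d of 4095\n",
           count_working_fallbacks());
    return 0;
}
```

Because every error return has nonzero upper bits, the byte-wide form cannot produce 0x7b for any errno value, which matches the message's conclusion that the fallback path could not have worked.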