clarify the
intention and just expect gcc to compile it away.
Thanks!
Daniel
On 4/23/19 1:00 PM, Aleksandar Markovic wrote:
> On Wed, Apr 17, 2019 at 9:50 PM Daniel Santos wrote:
>> In load_elf_binary, struct image_info interp_info is used without being
>> properly initialized. O
Thanks Peter. I was just reading up on the CVE process and I agree.
Obviously, it's dangerous to use uninitialized values, but that doesn't
necessarily make it a vulnerability.
And thank you Thomas for the instructions!
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1825002
Title: "qemu: Unexpected FPU mode" since 0c1bbedc10e86ea9366b6af8c5520fafa3266b2f
Status in QEMU:
recommend backporting to 3.1.0.
Signed-off-by: Daniel Santos
---
linux-user/elfload.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index c1a26021f8..7f09d572a2 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -2698,6 +2698,11 @@ i
Actually, this is a better patch. Let's sanitize struct image_info
interp_info.
** Patch added: "0001-1825002-fix-mips-Unexpected-FPU-mode.patch"
https://bugs.launchpad.net/qemu/+bug/1825002/+attachment/5256566/+files/0001-1825002-fix-mips-Unexpected-FPU-mode.patch
In load_elf_binary (linux-user/elfload.c:2644) the entire interp_info
struct should be inited, I would call this a CVE.
At a very minimum, init the fp_abi field so we don't use whatever
happened to be on the stack for the FPU mode should the ELF header not
specify otherwise.
** Attachment added: "This is my foreign /bin/bash, of note the first 1k
appears to be mis-handled"
https://bugs.launchpad.net/qemu/+bug/1825002/+attachment/5256368/+files/bash
The check in target_cpu_copy_regs at linux-user/mips/cpu_loop.c:776 is
reading an uninitialized value:
if ((info->fp_abi > MAX_FP_ABI && info->fp_abi != MIPS_ABI_FP_UNKNOWN)
|| (info->interp_fp_abi > MAX_FP_ABI &&
info->interp_fp_abi != MIPS_ABI_FP_UNKNOWN)) {
fpri
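As an added illustration (not QEMU's code and not the patch attached to this bug), here is the target_cpu_copy_regs check quoted above next to the interp_info sanitization the thread argues for, reduced to the two fields involved. The enum values, the cut-down struct layout and the helper names are assumptions made for the example.

```c
#include <string.h>

/* Names follow the report; numeric values are assumed for this example,
 * not copied from QEMU's headers. */
enum {
    MIPS_ABI_FP_UNKNOWN = -1,  /* no FP ABI information found in the ELF */
    MIPS_ABI_FP_ANY     = 0,
    MIPS_ABI_FP_64A     = 7,
};
#define MAX_FP_ABI MIPS_ABI_FP_64A
/* Reduced stand-in for struct image_info: only the fields the check reads. */
struct image_info {
    int fp_abi;
    int interp_fp_abi;
};
/* Same condition as the target_cpu_copy_regs check quoted above; returns 1
 * when the loader would print "qemu: Unexpected FPU mode". */
int fpu_mode_unexpected(const struct image_info *info)
{
    return (info->fp_abi > MAX_FP_ABI && info->fp_abi != MIPS_ABI_FP_UNKNOWN)
        || (info->interp_fp_abi > MAX_FP_ABI &&
            info->interp_fp_abi != MIPS_ABI_FP_UNKNOWN);
}
/* Hypothetical sanitizer: zero the struct and mark the FP ABI as unknown
 * before any optional ELF section gets a chance to set it. */
void init_image_info(struct image_info *info)
{
    memset(info, 0, sizeof(*info));
    info->fp_abi = MIPS_ABI_FP_UNKNOWN;
    info->interp_fp_abi = MIPS_ABI_FP_UNKNOWN;
}
/* Models the bug: fp_abi is never set, so it holds whatever was on the stack
 * (stack_garbage stands in for those bytes). Large garbage trips the check;
 * negative garbage other than -1 passes it and reaches the FPU setup, which
 * is why sanitizing at the source beats relying on the late check alone. */
int check_with_garbage(int stack_garbage)
{
    struct image_info interp_info;
    interp_info.fp_abi = stack_garbage;
    interp_info.interp_fp_abi = MIPS_ABI_FP_ANY;
    return fpu_mode_unexpected(&interp_info);
}
/* Models the fixed path: interp_info is sanitized before use. */
int check_sanitized(void)
{
    struct image_info interp_info;
    init_image_info(&interp_info);
    return fpu_mode_unexpected(&interp_info);
}
```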
Public bug reported:
This happens every time I attempt to chroot into a gentoo-mips image
unless I load the executable via ld.so
/home (root)# chroot gentoo-mips32r2el /bin/sh
qemu: Unexpected FPU mode
/home (root)# chroot gentoo-mips32r2el /lib/ld-2.19.so /bin/sh
sh-4.2# exit
/home (root)#
I d