negative memcpy

manish kumar deliver2manish at gmail.com
Wed Aug 10 05:25:55 UTC 2011


On Wed, Aug 10, 2011 at 12:06 PM, Denys Vlasenko
<vda.linux at googlemail.com> wrote:

> Try disassembling a static binary.

I disassembled the static version. It appears it is calling the CPU
specific optimized memcpy() with unrolled loops. But then how can I
fix this problem? I want this test case to crash.

The disassembly is attached as a file (pending moderator approval) and
inline below (partially, since it is too big):

int main()
{
 4002a0:       27bdffc0        addiu   sp,sp,-64
 4002a4:       afbf003c        sw      ra,60(sp)
 4002a8:       afbe0038        sw      s8,56(sp)
 4002ac:       03a0f021        move    s8,sp
      size_t size = -1;
 4002b0:       2402ffff        li      v0,-1
 4002b4:       afc20018        sw      v0,24(s8)
      char src[10] = {0, }, dest[10] = {0, };
 4002b8:       afc0001c        sw      zero,28(s8)
 4002bc:       afc00020        sw      zero,32(s8)
 4002c0:       a7c00024        sh      zero,36(s8)
 4002c4:       afc00028        sw      zero,40(s8)
 4002c8:       afc0002c        sw      zero,44(s8)
 4002cc:       a7c00030        sh      zero,48(s8)
      memcpy(dest, src, size);
 4002d0:       27c30028        addiu   v1,s8,40
 4002d4:       27c2001c        addiu   v0,s8,28
 4002d8:       00602021        move    a0,v1
 4002dc:       00402821        move    a1,v0
 4002e0:       8fc60018        lw      a2,24(s8)
 4002e4:       0c1000c4        jal     400310 <__GI_memcpy>
 4002e8:       00000000        nop
      return 1;
 4002ec:       24020001        li      v0,1
}
 4002f0:       03c0e821        move    sp,s8
 4002f4:       8fbf003c        lw      ra,60(sp)
 4002f8:       8fbe0038        lw      s8,56(sp)
 4002fc:       27bd0040        addiu   sp,sp,64
 400300:       03e00008        jr      ra
 400304:       00000000        nop
      ...

00400310 <__GI_memcpy>:
 400310:       3c080041        lui     t0,0x41
 400314:       8d083060        lw      t0,12384(t0)
 400318:       110005ec        beqz    t0,401acc <detect_cpu>
 40031c:       00000000        nop
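The test case quoted above, as an added example that is not code from the thread or from uClibc: the same `size_t size = -1` argument and the same two 10-byte stack buffers, but the raw memcpy() call is routed through a hypothetical `checked_memcpy` wrapper that compares the requested length against the known capacity of both buffers and refuses the copy, so the wrapped-around length (SIZE_MAX) never reaches the library's unchecked copy loop.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical bounds-checked wrapper (not uClibc's memcpy).
 * Refuses the copy when n exceeds what either buffer can hold,
 * so a "negative" length can never reach the unchecked memcpy. */
int checked_memcpy(void *dst, size_t dst_cap,
                   const void *src, size_t src_len, size_t n)
{
    if (dst == NULL || src == NULL)
        return EINVAL;
    if (n > dst_cap || n > src_len)
        return ERANGE;
    memcpy(dst, src, n);
    return 0;
}

/* The thread's test case with the raw memcpy call replaced by the wrapper.
 * size_t size = -1 wraps to SIZE_MAX, which the wrapper rejects.
 * Returns the wrapper's status code (ERANGE for this input). */
int demo_negative_size(void)
{
    size_t size = -1;                          /* becomes SIZE_MAX */
    char src[10] = {0, }, dest[10] = {0, };    /* same layout as the test case */
    return checked_memcpy(dest, sizeof dest, src, sizeof src, size);
}

/* Control: an in-bounds copy goes through and the bytes arrive intact.
 * Returns 1 on success, 0 otherwise. */
int demo_valid_copy(void)
{
    char src[10] = "abcdefghi";                /* constructed sample input */
    char dest[10] = {0, };
    if (checked_memcpy(dest, sizeof dest, src, sizeof src, sizeof src) != 0)
        return 0;
    return memcmp(dest, src, sizeof src) == 0;
}

/* Shows why the length is "negative" only in the source text:
 * (size_t)-1 is SIZE_MAX. Returns 1 when that holds. */
int negative_size_is_size_max(void)
{
    size_t size = -1;
    return size == SIZE_MAX;
}

int main(void)
{
    printf("negative size -> %d (ERANGE=%d)\n", demo_negative_size(), ERANGE);
    printf("valid copy    -> %d\n", demo_valid_copy());
    printf("(size_t)-1 == SIZE_MAX -> %d\n", negative_size_is_size_max());
    return 0;
}
```

The wrapper does not answer why the optimized memcpy did not fault on this input; it shows the check a caller can apply so that the question never arises, since the length is validated before any library copy routine is entered.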


More information about the uClibc mailing list