Make sure that statements such as: strcpy (dst, "/gnu/store/…"); or static const char str[] = "/gnu/store/…"; … strcpy (dst, str); do not result in chunked /gnu/store strings that are undetectable by Guix's GC and its grafting code. See and . --- gcc-5.3.0/gcc/builtins.c 2016-10-18 10:50:46.080616285 +0200 +++ gcc-5.3.0/gcc/builtins.c 2016-11-09 15:26:43.693042737 +0100 @@ -3012,6 +3012,58 @@ determine_block_size (tree len, rtx len_rtx, GET_MODE_MASK (GET_MODE (len_rtx))); } +extern void debug_tree (tree); + +/* Return true if STR contains the string "/gnu/store". */ + +bool +store_reference_p (tree str) +{ + if (getenv ("GUIX_GCC_DEBUG") != NULL) + debug_tree (str); + + if (TREE_CODE (str) == ADDR_EXPR) + str = TREE_OPERAND (str, 0); + + if (TREE_CODE (str) == VAR_DECL + && TREE_STATIC (str) + && TREE_READONLY (str)) + { + /* STR may be a 'static const' variable whose initial value + is a string constant. See . */ + str = DECL_INITIAL (str); + if (str == NULL_TREE) + return false; + } + + if (TREE_CODE (str) != STRING_CST) + return false; + + int len; + const char *store; + + store = getenv ("NIX_STORE") ? getenv ("NIX_STORE") : "/gnu/store"; + len = strlen (store); + + /* Size of the hash part of store file names, including leading slash and + trailing hyphen. */ + const int hash_len = 34; + + if (TREE_STRING_LENGTH (str) < len + hash_len) + return false; + + /* We cannot use 'strstr' because 'TREE_STRING_POINTER' returns a string + that is not necessarily NUL-terminated. */ + + for (int i = 0; i < TREE_STRING_LENGTH (str) - (len + hash_len); i++) + { + if (strncmp (TREE_STRING_POINTER (str) + i, store, len) == 0) + return true; + } + + return false; +} + /* Try to verify that the sizes and lengths of the arguments to a string manipulation function given by EXP are within valid bounds and that the operation does not lead to buffer overflow or read past the end. @@ -3605,6 +3657,13 @@ expand_builtin_memory_copy_args (tree dest, tree src, tree len, unsigned HOST_WIDE_INT max_size; unsigned HOST_WIDE_INT probable_max_size; + /* Do not emit block moves, which translate to the 'movabs' instruction on + x86_64, when SRC refers to store items. That way, store references + remain visible to the Guix GC and grafting code. See + . */ + if (store_reference_p (src)) + return NULL_RTX; + /* If DEST is not a pointer type, call the normal function. */ if (dest_align == 0) return NULL_RTX; --- gcc-5.5.0/gcc/gimple-fold.c 2018-03-20 11:36:16.709442004 +0100 +++ gcc-5.5.0/gcc/gimple-fold.c 2018-03-20 11:46:43.838487065 +0100 @@ -635,6 +635,8 @@ var_decl_component_p (tree var) return SSA_VAR_P (inner); } +extern bool store_reference_p (tree); + /* If the SIZE argument representing the size of an object is in a range of values of which exactly one is valid (and that is zero), return true, otherwise false. */ @@ -742,6 +744,9 @@ gimple_fold_builtin_memory_op (gimple_stmt_iterator *gsi, off0 = build_int_cst (build_pointer_type_for_mode (char_type_node, ptr_mode, true), 0); + if (store_reference_p (src)) + return false; + /* If we can perform the copy efficiently with first doing all loads and then all stores inline it that way. Currently efficiently means that we can load all the memory into a single integer '2020-04-29 13:44:10 -0400'>2020-04-29gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{13057,13565}]....* gnu/packages/openldap.scm (openldap)[replacement]: Use openldap-2.4.50. (openldap/fixed): Replace with ... (openldap-2.4.50): ... new variable. * gnu/packages/patches/openldap-CVE-2020-12243.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. Leo Famulari 2020-04-28gnu: openldap: Fix CVE-2020-12243....* gnu/packages/openldap.scm (openldap)[replacement]: New field. (openldap/fixed): New variable. * gnu/packages/patches/openldap-CVE-2020-12243.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. Efraim Flashner