Version 1.5.0 and older don't conform to the AArch64 ABI
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libjpeg-turbo (Ubuntu) | New | Undecided | Unassigned | | |
Bug Description
Two ABI conformance issues for AArch64 have been fixed upstream in version 1.5.1:
https:/
https:/
The first one doesn't seem to have affected the Ubuntu builds, but the second one is present in package 1.4.2-0ubuntu3 for Xenial and I assume also in the 1.5.0 and 1.3.0 packages. Long story short, the manually implemented NEON routines stored data above the stack pointer, which is prohibited by the ABI. That data can get overwritten at any point, for example if a signal is delivered to the application, which then results in data corruption and/or crashes (the return address being one of the values stored above the stack pointer).
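The clobbering mechanism described in the report, as an added C example (not code from the bug report or from libjpeg-turbo): a handler installed without an alternate stack runs on the interrupted thread's own stack, in the region past the stack pointer (lower addresses, since the stack grows down on AArch64 and x86-64). The names `on_signal` and `signal_frame_gap` are hypothetical, and a POSIX system is assumed.

```c
/* Added illustration; not libjpeg-turbo code. Assumes POSIX signals and a
 * downward-growing stack (true for AArch64 and x86-64 Linux). */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Address of a local variable inside the handler, recorded by the handler. */
static volatile uintptr_t handler_local_addr;

static void on_signal(int signo)
{
    volatile char probe = (char)signo;      /* lives in the handler's frame */
    handler_local_addr = (uintptr_t)&probe;
}

/* Deliver a signal to ourselves and return how many bytes below this
 * function's own local the handler's local was placed (0 on failure).
 * A positive result means the handler ran in the stack region beyond the
 * stack pointer of the interrupted code. */
long signal_frame_gap(void)
{
    volatile char marker = 0;               /* lives in the interrupted frame */
    struct sigaction sa, old;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_signal;              /* no SA_ONSTACK: same stack */
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGUSR1, &sa, &old) != 0)
        return 0;

    handler_local_addr = 0;
    raise(SIGUSR1);                         /* handler has run on return */
    sigaction(SIGUSR1, &old, NULL);

    if (handler_local_addr == 0)
        return 0;
    return (long)((uintptr_t)&marker - handler_local_addr);
}

int main(void)
{
    printf("handler ran %ld bytes below the interrupted frame\n",
           signal_frame_gap());
    return 0;
}
```

Any value a routine leaves in that region without first moving the stack pointer past it sits where the signal frame and the handler's locals are written.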