Compute the correct size of the string to move forward.
ClosedPublic
Actions

Authored by jhb on Sep 1 2020, 4:37 PM.

Details

Reviewers

brooks
kevans

Commits

rS365276: Compute the correct size of the string to move forward.

Summary

Previously this was counting the amount of spare room at the start of
the buffer that the string needed to move forward and passing that as
the number of bytes to copy to memmove rather than the length of the
string to be copied.

In the strfmon test in the test suite this caused the memmove to
overflow the allocated buffer by one byte which CHERI caught.

Reported by: CHERI
Obtained from: CheriBSD

Test Plan

run the strfmon_test tests under CHERI and verify still works under plain riscv64

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb requested review of this revision.Sep 1 2020, 4:37 PM

jhb created this revision.

Harbormaster completed remote builds in B33302: Diff 76501.Sep 1 2020, 4:37 PM

Ironically, this appears to have been introduced in rS104963 where the commit log there claims it was fixing bad pointer arithmetic. I think perhaps the author there didn't realize the string was right justified?

kevans accepted this revision.Sep 1 2020, 6:05 PM

This revision is now accepted and ready to land.Sep 1 2020, 6:05 PM

Closed by commit rS365276: Compute the correct size of the string to move forward. (authored by jhb). · Explain WhySep 2 2020, 8:04 PM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rS365276: Compute the correct size of the string to move forward..

Herald added a subscriber: imp. · View Herald TranscriptSep 2 2020, 8:04 PM