HomeFreeBSD
Diffusion FreeBSD src repository 3b0dacf6fd13

lib/libc/string/bcmp.c: fix integer overflow bug
3b0dacf6fd13
Actions

Description

lib/libc/string/bcmp.c: fix integer overflow bug

bcmp() returned the number of remaining bytes when the main loop exits.
In case of a match, this is zero, else a positive integer. On systems
where SIZE_MAX > INT_MAX, the implicit conversion from size_t to int in
the return value may cause the number of remaining bytes to overflow,
becoming zero and falsely indicating a successful comparison.

Fix the bug by always returning 0 on equality, 1 otherwise.

PR: 272474
Approved by: emaste
Reviewed by: imp
MFC After: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41011

(cherry picked from commit 4da7282a1882fc03c99591c27d44a2e6dfda364b)

Details

Provenance
fuzAuthored on Jul 12 2023, 6:23 PM
Reviewer
imp
Differential Revision
D41011: lib/libc/string/bcmp.c: fix integer overflow bug
Parents
rG2c03221cce0b: lib/libc/string: replace ffs/fls implementations with clang builtins
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
lib/
libc/
string/

rG3b0dacf6fd13

View Options

lib/libc/string/bcmp.c

Loading...