3506 – strverscmp misbehaves with additional text after the version number

Bug 3506 - strverscmp misbehaves with additional text after the version number

Summary: strverscmp misbehaves with additional text after the version number

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	glibc
Classification:	Unclassified
Component:	libc (show other bugs)
Version:	unspecified

Importance:	P2 normal
Target Milestone:	---
Assignee:	Ulrich Drepper

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-11-11 17:00 UTC by Guillaume Chazarain
Modified:	2016-05-08 14:08 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Flags:	fweimer: security-

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Guillaume Chazarain 2006-11-11 17:00:32 UTC

strverscmp("gliv-1.0", "gliv-1.0.1") => -46 => Good
strverscmp("gliv-1.0.tar.gz", "gliv-1.0.1.tar.gz") => 67 => Bad
Given that strverscmp is mainly used to sort filenames of versionned projects,
it should apply the same order with or without a suffix.

Comment 1 Jakub Jelinek 2006-11-27 15:25:51 UTC

The strverscmp function really can't change at this point, it is well documented
how it behaves and programs rely on its behavior.  strverscmp only cares about
the longest substring containing consecutive digits around the first differing
byte, so not even dots mean anything to it.
You are looking for a function like rpmvercmp in <rpm/rpmlib.h> which provides
segmented comparison.  But why should that be in libc?

Comment 2 Guillaume Chazarain 2006-12-03 13:52:16 UTC

Thanks for pointing me out rpmvercmp. If you don't want to change the strverscmp
behaviour, then the bug should be closed I think.

Comment 3 Ulrich Drepper 2007-02-16 07:33:29 UTC

strverscmp cannot be changed.  And it's simply not meant to do the kind of
comparisons you expect it to do.