This is the mail archive of the
mailing list for the glibc project.
Re: [PATCH] string: Add tests for zero length string inputs
- From: Florian Weimer <fweimer at redhat dot com>
- To: Will Newton <will dot newton at linaro dot org>, libc-alpha <libc-alpha at sourceware dot org>
- Date: Fri, 12 Dec 2014 10:51:45 +0100
- Subject: Re: [PATCH] string: Add tests for zero length string inputs
- Authentication-results: sourceware.org; auth=none
- References: <1410910830-20900-1-git-send-email-will dot newton at linaro dot org> <CANu=Dmh58f9bk16sZkrM6-+YCCnkODRAoe4asnzxFcj9zX4MDA at mail dot gmail dot com>
On 10/15/2014 11:41 AM, Will Newton wrote:
On 17 September 2014 00:40, Will Newton <firstname.lastname@example.org> wrote:
For the string functions that take string lengths as an argument we
should ensure that no data is read or written if a length of zero is
specified. Pointers to PROT_NONE memory are used to ensure that any
reads or writes will cause a fault.
Is there any consensus that this patch is useful or should I drop it?
I, for one, think the patch is useful.
Florian Weimer / Red Hat Product Security