This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Possible bug in fortified stpncpy

From: Mike Frysinger <vapier at gentoo dot org>
To: Zack Weinberg <zackw at panix dot com>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Sat, 8 Aug 2015 23:32:33 -0400
Subject: Re: Possible bug in fortified stpncpy
Authentication-results: sourceware.org; auth=none
References: <CAKCAbMjJ9aVZhc9jvn3HOwkSViCEybXmg=buNDttwctCOxvKvg at mail dot gmail dot com>

On 08 Aug 2015 17:06, Zack Weinberg wrote:
> GCC doesn't have a fortification builtin for stpncpy, so bits/string3.h has
> 
> __fortify_function char *
> __NTH (stpncpy (char *__dest, const char *__src, size_t __n))
> {
>   if (__bos (__dest) != (size_t) -1
>       && (!__builtin_constant_p (__n) || __n <= __bos (__dest)))
>     return __stpncpy_chk (__dest, __src, __n, __bos (__dest));
>   return __stpncpy_alias (__dest, __src, __n);
> }
> 
> I think the last clause of the conditional,
> 
>     || __n <= __bos (__dest)
> 
> may be backward.  The code should call the runtime-checking function
> if __n is not constant, or if __n is known to be LARGER than the size
> of the destination.  Ne?

agreed.  feel like sending a patch ? :)
-mike

Attachment: signature.asc
Description: Digital signature

Follow-Ups:
- Re: Possible bug in fortified stpncpy
  - From: Zack Weinberg
- Re: Possible bug in fortified stpncpy
  - From: Zack Weinberg

References:
- Possible bug in fortified stpncpy
  - From: Zack Weinberg

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]