[PATCH] debuginfod: sqlite3_sharedprefix_fn should not compare past end of string
Mark Wielaard
mark@klomp.org
Sat Dec 4 21:41:57 GMT 2021
gcc address sanitizer detected a read after the end of string in
sqlite3_sharedprefix_fn. Make sure to stop comparing the strings when
seeing the zero terminator.
Signed-off-by: Mark Wielaard <mark@klomp.org>
---
debuginfod/debuginfod.cxx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index bb8322db..154f14ba 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -3704,7 +3704,7 @@ static void sqlite3_sharedprefix_fn (sqlite3_context* c, int argc, sqlite3_value
const unsigned char* a = sqlite3_value_text (argv[0]);
const unsigned char* b = sqlite3_value_text (argv[1]);
int i = 0;
- while (*a++ == *b++)
+ while (*a != '\0' && *b != '\0' && *a++ == *b++)
i++;
sqlite3_result_int (c, i);
}
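Review bot: The changed `while` line still dereferences `a` and `b` unconditionally, and `sqlite3_value_text` returns NULL when the argument is SQL NULL or when the text conversion fails on allocation, so `*a != '\0'` can itself be a NULL read. Consider checking both pointers before the loop and returning a result of 0 in that case. A smaller point on the same line: the `*b != '\0'` test is redundant, because once `*a` is known to be non-zero a terminator in `b` already makes `*a++ == *b++` false; it is harmless, but a single terminator check is enough and reads more clearly.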
--
2.30.2