[PATCH v1] x86: memcmp-avx2-movbe.S and memcmp-evex-movbe.S fix overflow bug.
Florian Weimer
fweimer@redhat.com
Wed Jun 9 09:20:20 GMT 2021
* Andreas Schwab:
> On Jun 09 2021, Siddhesh Poyarekar wrote:
>
>> Hmm, I just noticed that wcsnlen is not in the ISO C draft (at least the
>> one I have from 2011) and is defined in POSIX. The description doesn't
>> seem to specify any access semantics for wcsnlen + maxlen. Are you
>> referring to the fact that it's unspecified or are you aware of anywhere
>> else in the spec that requires the implementation to ensure valid access?
>
> Does the sentence "The wcsnlen() function shall never examine more than
> the first maxlen characters of the wide-character array pointed to by
> ws." constitute a limit on maxlen, or that ws+maxlen must be valid?
Is this bug related?
wcsrtombs calls wcsnlen on input data which is not an array
<https://sourceware.org/bugzilla/show_bug.cgi?id=23711>
Thanks,
Florian
More information about the Libc-alpha
mailing list