Bug in MIPS strncpy

Perry McFarlane perry_m@fastmail.fm
Mon Jun 30 15:28:00 GMT 2008


I found a bug in the MIPS-optimized strncpy
(newlib/libc/machine/mips/strncpy.c).
There is an unrolled loop to read from the source string 4 bytes at a
time, but this could read past the \0 and cause a SEGV.

The MIPS-optimized strncpy was added as part of this patch:
http://sourceware.org/ml/newlib/2001/msg00594.html

I suppose that it could be fixed by only reading groups of 4 bytes that
are word-aligned.
-- 
  Perry McFarlane
  perry_m@fastmail.fm
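
Added example, not part of the original post and not newlib's code: a portable C sketch of the fix suggested above, which copies single bytes until the source pointer is 4-byte aligned and only then loads whole words. The function name is hypothetical, and it assumes the page size is a multiple of 4, so an aligned word can never straddle a page boundary.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Nonzero if any of the four bytes in w is 0x00. */
static int has_zero_byte(uint32_t w)
{
    return ((w - 0x01010101u) & ~w & 0x80808080u) != 0;
}

/* Hypothetical name. Assumes page size is a multiple of 4, so a 4-byte
 * aligned word never straddles a page: loading the word that holds the
 * NUL cannot touch an unmapped page. */
char *strncpy_aligned_words(char *dst, const char *src, size_t n)
{
    char *d = dst;

    /* Head: copy single bytes until src reaches a 4-byte boundary. */
    while (n > 0 && ((uintptr_t)src & 3u) != 0 && *src != '\0') {
        *d++ = *src++;
        n--;
    }

    /* Body: aligned 4-byte loads only; stop at the word containing NUL. */
    while (n >= 4 && ((uintptr_t)src & 3u) == 0) {
        uint32_t w;
        memcpy(&w, src, sizeof w);   /* aligned load, no aliasing issue */
        if (has_zero_byte(w))
            break;
        memcpy(d, &w, sizeof w);
        src += 4; d += 4; n -= 4;
    }

    /* Tail: finish byte by byte, then pad with NULs as strncpy requires. */
    while (n > 0 && *src != '\0') {
        *d++ = *src++;
        n--;
    }
    memset(d, 0, n);
    return dst;
}

int main(void)
{
    /* Constructed input: string starts at an odd offset in an aligned buffer. */
    union { uint32_t w[4]; char c[16]; } s = { .c = "Xhello" };
    char out[8];
    printf("%s\n", strncpy_aligned_words(out, s.c + 1, sizeof out));
    return 0;
}
```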