On Wed, 2017-08-30 at 10:16 +0100, Renlin Li wrote:
> Hi,
>
> In test_driver_memcmp function, I found buf1 and buf2 is not properly
> terminated with null character.
>
> In lib_strncmp, strcpy will be called with buf1 and buf2.
> The normal implementation of strcpy function has a loop to copy
> character from source
> to destination one by one until a null character is encountered.
>
> If the string is not properly terminated, this will cause the strcpy
> read/write
> memory beyond the boundary.
>
> Here I changed the strcpy into strncpy to constraint the function to
> visit
> legal memory only.
Hi,
Renlin you are correct that it shouldn't be using strcpy because the
string may not be null terminated. However I would suggest we use
memcpy instead of strncpy. The reason is that cases where there is a
null char in the middle of the string test whether the strncmp is
properly ignoring what comes after. So how about using this:
memcpy(a,str1,SZ); \
memcpy(b,str2,SZ); \
as in the test_memcmp_ part of the macro?
Aaron
>
> Test Okay without any problem. Okay to commit?
>
> Regard,
> Renlin
>
>
> gcc/testsuite/ChangeLog:
>
> 2017-08-30 Renlin Li <renlin...@arm.com>
>
> * gcc.dg/memcmp-1.c (test_strncmp): Use strncpy instead of
> strcpy.
--
Aaron Sawdey, Ph.D. acsaw...@linux.vnet.ibm.com
050-2/C113 (507) 253-7520 home: 507/263-0782
IBM Linux Technology Center - PPC Toolchain
