Date: Wed, 12 Jul 2023 18:29:29 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 272474] lib/libc: bcmp may give wrong results on LP64 systems Message-ID: <bug-272474-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272474 Bug ID: 272474 Summary: lib/libc: bcmp may give wrong results on LP64 systems Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: fuz@FreeBSD.org Flags: mfc-stable13?, mfc-stable12? Created attachment 243358 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D243358&action= =3Dedit fix bcmp() bug bcmp() returns the number of remaining bytes when the main loop exits. In case of a match, this is zero, else a positive integer. On systems where SIZE_MAX > INT_MAX, the implicit conversion from size_t to int in the return value may cause the number of remaining bytes to overflow, becoming zero and falsely indicating a successful comparison. This bug affects any 64 bit system that doesn't have a machdep implementati= on of bcmp(). This should be all except amd64. OpenBSD has the same implementation and is likely affected, too. The bug has presumably been present since ancient times. The attached patch fixes the bug by always returning 0 on equality, 1 otherwise. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272474-227>