This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] stdlib-bsearch: middle element calculation may overflow
- From: Pip Cet <pipcet at gmail dot com>
- To: Sergey Senozhatsky <sergey dot senozhatsky dot work at gmail dot com>
- Cc: Mike Frysinger <vapier at gentoo dot org>, "libc-alpha at sourceware dot org" <libc-alpha at sourceware dot org>, Sergey Senozhatsky <sergey dot senozhatsky at gmail dot com>
- Date: Thu, 16 Mar 2017 08:53:35 +0000
- Subject: Re: [PATCH] stdlib-bsearch: middle element calculation may overflow
- References: <20170316052615.7662-1-sergey.senozhatsky@gmail.com> <20170316073208.GY24205@vapier> <20170316082639.GD464@jagdpanzerIV.localdomain>
I don't see why any of the array elements need to be valid, it's
purely a test of void*/char* arithmetic.
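
    #include <stdio.h>
    #include <stdlib.h>

    /* Orders the two pointers by address only; neither is dereferenced. */
    int c(const void *a, const void *b)
    {
        return (b > a) ? -1 : ((b < a) ? 1 : 0);
    }

    int main(void)
    {
        /* Base NULL, element size 1, key just below the top of the address space. */
        printf("%p\n", bsearch((void *)0xfffffffffffffffeULL, NULL,
                               0xffffffffffffffffULL, 1, c));
        return 0;
    }
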
works with the patch, and fails without it, on x86_64. (I'm not sure
whether the behavior is defined by the C standard, but I'm pretty sure
it's defined by the x86_64 ABI).
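
The overflow named in the subject line, reproduced with plain size_t arithmetic so that no out-of-range pointer is ever formed. This is an added example, not part of the original message or of the glibc patch. It assumes the two usual midpoint forms, (l + u) / 2 and l + (u - l) / 2, since the patch itself is not shown on this page; search_steps, mid_style and the step cap are names invented for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Midpoint styles; both names are invented for this example. */
enum mid_style { MID_SUM, MID_OFFSET };

static size_t midpoint(size_t l, size_t u, enum mid_style s)
{
    return s == MID_SUM ? (l + u) / 2        /* l + u can wrap past SIZE_MAX */
                        : l + (u - l) / 2;   /* u - l is at most u, no wrap  */
}

/* Binary search over a virtual array with base address 0 and element
 * size 1, so element i "is" address i and nothing is dereferenced
 * (the same setup as the test program in the message above).
 * Returns the number of probes needed to hit key, or -1 if the search
 * ended without a hit or was still running after max_steps probes. */
int search_steps(size_t key, size_t nmemb, enum mid_style s, int max_steps)
{
    size_t l = 0, u = nmemb;

    for (int step = 1; l < u; step++) {
        if (step > max_steps)
            return -1;                       /* not converging: give up */
        size_t idx = midpoint(l, u, s);
        if (key < idx)
            u = idx;
        else if (key > idx)
            l = idx + 1;
        else
            return step;
    }
    return -1;
}

int main(void)
{
    size_t key = SIZE_MAX - 1, nmemb = SIZE_MAX;

    printf("(l + u) / 2       : %d\n", search_steps(key, nmemb, MID_SUM, 1000));
    printf("l + (u - l) / 2   : %d\n", search_steps(key, nmemb, MID_OFFSET, 1000));
    return 0;
}
```

With the summed midpoint, the lower bound wraps on the second probe and then halves until it sticks at 1, so the search never terminates without the step cap.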