This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.



Re: [ia64-tools] generic glibc bug


On Fri, May 05, 2000 at 04:13:10PM +0200, Dan Pop wrote:
> 
> Hi,
> 
> This is probably not the best place to report this bug, but I'm sure
> that the "right" eyes will see it.
> 
> The memccpy() implementation in glibc (both 2.1 and 2.2) is broken.
> The code looks like this:
> 
>     void *
>     __memccpy (dest, src, c, n)
> 	  void *dest; const void *src;
> 	  int c; size_t n;
>     {
>       register const char *s = src;
>       register char *d = dest;
>       register const reg_char x = (unsigned char) c;
>       register size_t i = n;
> 
>       while (i-- > 0)
> 	if ((*d++ = *s++) == x)
> 	  return d;
> 
>       return NULL;
>     }
> 
> If x is greater than 127 and plain char is signed, the match will never
> be found, because d is a pointer to char and not to unsigned char, as it
> should be.  Instead of stopping after copying the target byte and returning
> the address of the next byte in dest, the function will copy all n bytes and
> return NULL.
> 

It looks like a real bug. We should change "char *" to
"unsigned char *".


-- 
H.J. Lu (hjl@gnu.org)
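
The behaviour discussed in this thread, as an added example that is not part of either message or of glibc's source: the quoted loop run next to the same loop using `unsigned char *`, on a constructed buffer whose delimiter byte is 0xE9. With signed pointers the delimiter is never matched, so every byte after it is copied into the destination as well and the caller gets NULL. Assumptions: the names `memccpy_signed`, `memccpy_unsigned`, `run`, `sample` and `out` are hypothetical, `reg_char` is replaced by `int`, and `signed char` stands in for plain `char` so the result is the same on platforms where plain `char` is unsigned.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The quoted loop, with plain char pinned to signed char so the result
   does not depend on the platform; reg_char is assumed to be int here. */
static void *memccpy_signed(void *dest, const void *src, int c, size_t n)
{
    const signed char *s = src;
    signed char *d = dest;
    const int x = (unsigned char) c;      /* always 0..255 */
    while (n-- > 0)
        if ((*d++ = *s++) == x)           /* left side promotes to -128..127 */
            return d;
    return NULL;
}

/* Same loop with the pointers changed to unsigned char *. */
static void *memccpy_unsigned(void *dest, const void *src, int c, size_t n)
{
    const unsigned char *s = src;
    unsigned char *d = dest;
    const int x = (unsigned char) c;
    while (n-- > 0)
        if ((*d++ = *s++) == x)           /* left side promotes to 0..255 */
            return d;
    return NULL;
}

typedef void *(*memccpy_fn)(void *, const void *, int, size_t);
/* Constructed input: delimiter 0xE9 at index 2, five more bytes after it. */
static const unsigned char sample[8] = { 'a', 'b', 0xE9, 'T', 'R', 'A', 'I', 'L' };
static unsigned char out[8];              /* destination, inspected after run() */

/* Returns bytes copied up to and including the delimiter, or -1 for NULL. */
static long run(memccpy_fn fn)
{
    memset(out, 0, sizeof out);
    unsigned char *end = fn(out, sample, 0xE9, sizeof sample);
    return end ? (long) (end - out) : -1;
}

int main(void)
{
    long r = run(memccpy_signed);
    printf("signed:   ret=%ld out[3]=0x%02x\n", r, out[3]);
    r = run(memccpy_unsigned);
    printf("unsigned: ret=%ld out[3]=0x%02x\n", r, out[3]);
}
```

A regression test for any `memccpy` implementation should include at least one delimiter value above 127, since ASCII-only tests pass with either pointer type.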
