On 08.07.2017 at 13:08, Andreas Schwab wrote:
> On Jul 08 2017, René Scharfe <l.s.r@xxxxxx> wrote:
>
>> Avoid running over the end of another -- a C string whose length we
>> don't know -- by using strcmp(3) instead of memcmp(3) for comparing it
>> with another C string.
>
> That's not a good justification for the change, since memcmp never reads
> past the differing characters.

Interesting. Where does that guarantee come from?
ASan reports an overflow with the following test program for me on
Debian testing x64:

	#include <string.h>

	int main(int argc, char **argv)
	{
		char a[32] = "1234567890123456789012345678901";
		char b[2] = "a";

		/* b holds only 2 bytes, but memcmp is asked to compare 32 */
		return memcmp(a, b, 32);
	}
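
An added example, not part of the original message and not git's code: one way to compare a C string of unknown length against a buffer of known length without reading past the string's NUL terminator, which is the concern discussed in this thread. The helper name cstr_equals_mem and the sample inputs are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/*
 * Hypothetical helper (not from git): return 1 if the C string `s`
 * is exactly the `len` bytes at `buf`, otherwise 0.
 * `s` is read only up to and including its NUL terminator, and
 * `buf` is never read beyond buf[len - 1].
 */
int cstr_equals_mem(const char *s, const char *buf, size_t len)
{
	size_t i;

	for (i = 0; i < len; i++) {
		/* Check for the end of s before comparing the next byte. */
		if (s[i] == '\0' || s[i] != buf[i])
			return 0;
	}
	/* s[0..len-1] were all non-NUL, so s[len] is still inside s. */
	return s[i] == '\0';
}

int main(void)
{
	/* Constructed inputs mirroring the test program above. */
	char a[32] = "1234567890123456789012345678901";
	char b[2] = "a";

	/* b is the string of unknown length; a is the 31-byte buffer. */
	printf("b vs a: %d\n", cstr_equals_mem(b, a, 31));
	printf("a vs a: %d\n", cstr_equals_mem(a, a, 31));
	return 0;
}
```

Unlike memcmp(a, b, 32), the loop stops at the terminator of the short string, so it stays within b's 2 bytes.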