> On Sat, Dec 12, 2009 at 04:26:20PM +0100, Segher Boessenkool wrote:
>> >memcmp() is wrong here, the symbol name can be shorter than
>> >KSYMTAB_PFX
>> >or CRC_PFX.
>>
>> >- if (memcmp(symname, CRC_PFX, strlen(CRC_PFX)) == 0) {
>> >+ if (strncmp(symname, CRC_PFX, strlen(CRC_PFX)) == 0) {
>>
>> This doesn't change anything. In both cases the function will return 0
>> only if all strlen(CRC_PFX) chars match, and in both cases it can access
>> strlen(CRC_PFX) chars (strncmp() is allowed to access characters after
>> the first \0 just fine).
>
> str(n)cmp is not allowed to access characters past the NUL byte.

Let me apologise for the confusion. strncmp() _can_ access characters
past the first NUL byte; and many implementations do so (they do accesses
per 32-bit word, for example). But strncmp() behaves as-if it didn't
compare anything past the first null character, so for example causing
a page fault if the string ends just before the end of a memory page
isn't allowed; OTOH, the parameters to memcmp() are required to point to
two objects, each at least "len" bytes big.

So the patch fixes a real problem. I'm sorry for being dense.

Acked-by: Segher Boessenkool <segher@xxxxxxxxxxxxxxxxxxx>


Segher
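
Review bot: the description says the symbol name can be shorter than KSYMTAB_PFX or CRC_PFX, but the only changed line quoted here is the CRC_PFX comparison. Please confirm the KSYMTAB_PFX comparison gets the same memcmp() to strncmp() replacement, and consider saying in the commit message that memcmp() requires both objects to be at least strlen(prefix) bytes, since that is the reason the change is needed.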
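
The page-boundary case described in the message, as an added example that is not part of the original thread or of the kernel source. It assumes a POSIX system with mmap(); EXAMPLE_PFX, has_prefix() and prefix_check_at_page_end() are hypothetical names, and the prefix value is a constructed sample.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE          /* for MAP_ANONYMOUS */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed sample prefix; the page does not show the value of CRC_PFX. */
#define EXAMPLE_PFX "__crc_"

/* Prefix test in the form the patch uses. strncmp() behaves as if it
 * stops at the first NUL, so a name shorter than the prefix is fine. */
static int has_prefix(const char *name, const char *pfx)
{
    return strncmp(name, pfx, strlen(pfx)) == 0;
}

/* Place `name` so its NUL is the last byte of a readable page and the
 * following page is inaccessible, then run the prefix test on it.
 * Returns 1 (match), 0 (no match) or -1 (setup failure). */
static int prefix_check_at_page_end(const char *name, const char *pfx)
{
    long page = sysconf(_SC_PAGESIZE);
    size_t len = strlen(name) + 1;
    if (page <= 0 || len > (size_t)page)
        return -1;
    char *map = mmap(NULL, 2 * (size_t)page, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (map == MAP_FAILED)
        return -1;
    if (mprotect(map + page, (size_t)page, PROT_NONE) != 0) {
        munmap(map, 2 * (size_t)page);
        return -1;
    }
    char *s = map + page - len;  /* the object is exactly `len` bytes */
    memcpy(s, name, len);
    int r = has_prefix(s, pfx);
    /* memcmp(s, pfx, strlen(pfx)) would need `s` to be at least
     * strlen(pfx) bytes; for a shorter name that is undefined. */
    munmap(map, 2 * (size_t)page);
    return r;
}

int main(void)
{
    printf("short: %d\n", prefix_check_at_page_end("ab", EXAMPLE_PFX));
    printf("crc:   %d\n", prefix_check_at_page_end("__crc_foo", EXAMPLE_PFX));
    return 0;
}
```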