public inbox for elfutils@sourceware.org
 help / color / mirror / Atom feed
* [PATCH] debuginfod: sqlite3_sharedprefix_fn should not compare past end of string
@ 2021-12-04 21:41 Mark Wielaard
       [not found] ` <20211204225407.GA25054@redhat.com>
  0 siblings, 1 reply; 2+ messages in thread
From: Mark Wielaard @ 2021-12-04 21:41 UTC (permalink / raw)
  To: elfutils-devel; +Cc: Mark Wielaard

gcc address sanitizer detected a read after the end of string in
sqlite3_sharedprefix_fn. Make sure to stop comparing the strings when
seeing the zero terminator.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 debuginfod/debuginfod.cxx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index bb8322db..154f14ba 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -3704,7 +3704,7 @@ static void sqlite3_sharedprefix_fn (sqlite3_context* c, int argc, sqlite3_value
       const unsigned char* a = sqlite3_value_text (argv[0]);
       const unsigned char* b = sqlite3_value_text (argv[1]);
       int i = 0;
-      while (*a++ == *b++)
+      while (*a != '\0' && *b != '\0' && *a++ == *b++)
         i++;
       sqlite3_result_int (c, i);
     }
-- 
2.30.2


^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [PATCH] debuginfod: sqlite3_sharedprefix_fn should not compare past end of string
       [not found] ` <20211204225407.GA25054@redhat.com>
@ 2021-12-05 17:09   ` Mark Wielaard
  0 siblings, 0 replies; 2+ messages in thread
From: Mark Wielaard @ 2021-12-05 17:09 UTC (permalink / raw)
  To: Frank Ch. Eigler; +Cc: elfutils-devel

On Sat, Dec 04, 2021 at 05:54:07PM -0500, Frank Ch. Eigler wrote:
> > gcc address sanitizer detected a read after the end of string in
> > sqlite3_sharedprefix_fn. Make sure to stop comparing the strings when
> > seeing the zero terminator.
> 
> Yup, OK.

Thanks, pushed.

Mark


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-12-05 17:09 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-04 21:41 [PATCH] debuginfod: sqlite3_sharedprefix_fn should not compare past end of string Mark Wielaard
     [not found] ` <20211204225407.GA25054@redhat.com>
2021-12-05 17:09   ` Mark Wielaard

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).