From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <glibc-bugs-return-25984-listarch-glibc-bugs=sources.redhat.com@sourceware.org>
Received: (qmail 31976 invoked by alias); 16 Aug 2014 09:58:30 -0000
Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs@sourceware.org>
List-Help: <mailto:glibc-bugs-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-owner@sourceware.org
Received: (qmail 31902 invoked by uid 48); 16 Aug 2014 09:58:20 -0000
From: "roche at httrack dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/17279] New: strncat(..., ..., SIZE_MAX) behaves incorrectly
Date: Sat, 16 Aug 2014 09:58:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: libc
X-Bugzilla-Version: 2.19
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: roche at httrack dot com
X-Bugzilla-Status: NEW
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc attachments.created
Message-ID: <bug-17279-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2014-08/txt/msg00067.txt.bz2

https://sourceware.org/bugzilla/show_bug.cgi?id=17279

            Bug ID: 17279
           Summary: strncat(..., ..., SIZE_MAX) behaves incorrectly
           Product: glibc
           Version: 2.19
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: roche at httrack dot com
                CC: drepper.fsp at gmail dot com

Created attachment 7749
  --> https://sourceware.org/bugzilla/attachment.cgi?id=7749&action=edit
Test case

Using SIZE_MAX as third argument to strncat() should behave as if strcat() was
used.

According to POSIX
(http://pubs.opengroup.org/onlinepubs/009695399/functions/strncat.html),

"The strncat() function shall append not more than n bytes (a null byte and
bytes that follow it are not appended) from the array pointed to by s2 to the
end of the string pointed to by s1."

The wording imply that the third "n" argument is an additional boundary limit,
not the destination buffer capacity (ie. the destination buffer is not
implicitly SIZE_MAX), and both source and destination do not overlap
(overlapping depends on the source and destination layout, not on the "n"
value)

However, it seems that the optimized strncat version of the GLIBC behaves
incorrectly, when using this value.

The culprit might be in the sysdeps/x86_64/multiarch/strcat-sse2-unaligned.S
source file (see
https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/x86_64/multiarch/strcat-sse2-unaligned.S;h=dc782f2c2370915f74673ff8184e5f2eaf2795db;hb=HEAD)

See also the comp.unix.programmer related discussion, with a possible location
of the bug in the assembly source:
https://groups.google.com/forum/#!topic/comp.unix.programmer/qKMC4A_itLs

-- 
You are receiving this mail because:
You are on the CC list for the bug.