Re: out of bounds heap read in scan_node_contents
From: Hanno Böck
Subject: Re: out of bounds heap read in scan_node_contents
Date: Mon, 23 Jan 2017 23:01:12 +0100
On Mon, 23 Jan 2017 20:52:14 +0000
Gavin Smith <address@hidden> wrote:
> > I just tried it with -fsanitize=address and got the error. For some
> > reason, the version of valgrind I have installed didn't see anything
> > wrong. I don't have a fix yet.
That's not surprising; valgrind can't find all the bug classes that
address sanitizer finds.
> The difference appears to be in how 'memcmp' is run. Apparently it can
> access bytes after those that indicate a difference between the two
> operands. I'm not sure if it should be valid to use 'memcmp' to check
> if we are looking at a particular string within a valid area of
> memory, but changing it to strncmp removes the problem. 'strncmp'
> doesn't look at anything past a null byte at the end of the buffer.
Yes, that's the right fix in such a case. You shouldn't overread with
memcmp; strncmp will make sure that, if you compare zero-terminated
strings, it doesn't overread.
--
Hanno Böck
https://hboeck.de/
mail/jabber: address@hidden
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
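As an added illustration (not code from this thread or from the texinfo sources), the keyword check the thread describes on a NUL-terminated buffer that is shorter than the keyword, with the memcmp form beside the strncmp fix and a length-checked variant for buffers that carry no terminator. The keyword "example", the function names and the sample buffer are constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Before: memcmp compares exactly strlen(keyword) bytes. The C standard does
 * not require it to stop at the first differing byte (optimized versions
 * compare word-sized chunks), so when `p` points into an allocation shorter
 * than the keyword, the call can read past the end of the heap block. This is
 * the kind of overread AddressSanitizer reports and valgrind may miss. */
static int starts_with_memcmp(const char *p, const char *keyword)
{
    return memcmp(p, keyword, strlen(keyword)) == 0;   /* may overread */
}

/* After: strncmp stops at the first NUL in either operand, so a short,
 * NUL-terminated buffer is never read beyond its terminator. */
static int starts_with_strncmp(const char *p, const char *keyword)
{
    return strncmp(p, keyword, strlen(keyword)) == 0;
}

/* Variant for buffers that are NOT NUL-terminated: check the remaining
 * length explicitly before memcmp touches a single byte. */
static int starts_with_bounded(const char *p, size_t remaining,
                               const char *keyword)
{
    size_t n = strlen(keyword);
    return remaining >= n && memcmp(p, keyword, n) == 0;
}

int main(void)
{
    /* Constructed input: a 3-byte heap block holding "ex" plus NUL, shorter
     * than the 7-byte keyword "example". */
    char *buf = malloc(3);
    if (buf == NULL)
        return 1;
    memcpy(buf, "ex", 3);

    /* starts_with_memcmp(buf, "example") would read up to 7 bytes from a
     * 3-byte block; build with -fsanitize=address to see the report. */
    printf("strncmp: %d\n", starts_with_strncmp(buf, "example"));   /* 0 */
    printf("bounded: %d\n", starts_with_bounded(buf, 2, "example")); /* 0 */
    free(buf);
    return 0;
}
```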