Re: bash-4.3 bug report

[Eric Blake]

On 04/14/2014 08:50 AM, Chet Ramey wrote:
> On 4/14/14, 5:34 AM, David Binderman wrote:
>> Hello there,
>>
>>  [bind.c:2238]: (style) Array index 'j' is used before limits check.
>>
>> Source code is
>>
>>           for (j = 0; invokers[j] && j < 5; j++)
>>
>> Suggest new code
>>
>>           for (j = 0; (j < 5) && (invokers[j] != NULL); j++)
> 
> Can you give me a use case for which this makes a difference?

It silences static code checkers and avoids undefined C behavior.

Also, if invokers[] is allocated such that it ends on the end of a page
boundary (such as might be the case under certain malloc debuggers),
then doing the bounds check first will avoid an out-of-bounds access
causing a SEGFAULT.

But in the normal case, when invokers[] is NOT at the end of the page,
the out-of-bounds access will read unspecified memory, but the result of
that read will either be 0 (short-circuiting the bounds check) or
non-zero where the bounds check fails, so even if you leave the
undefined behavior in place, in practice you will usually get the same
result as the defined behavior achieved by swapping things to do the
bounds check first.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

signature.asc
Description: OpenPGP digital signature