Thread: Fix memcmp() with different sizes.

Fix memcmp() with different sizes.

From
Kurt Roeckx
Date:
Not everything in the re_array is the same size.  This patch
first checks that they actually are the same size in the first
place.


Kurt


Attachments

Re: Fix memcmp() with different sizes.

From
Tom Lane
Date:
Kurt Roeckx <Q@ping.be> writes:
> -        if (memcmp(re_array[i].cre_pat, text_re, text_re_len) == 0 &&
> +        if (VARSIZE(re_array[i].cre_pat) == text_re_len &&
> +        memcmp(re_array[i].cre_pat, text_re, text_re_len) == 0 &&
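
Review bot: In the added condition, `VARSIZE(re_array[i].cre_pat) == text_re_len` compares like with like only if text_re_len is the full size of text_re with its length header included; this hunk does not show where text_re_len is set, so please confirm that. The guard also depends on `&&` short-circuiting to keep memcmp() from being called on entries of a different size, which deserves a one-line comment above the `if` so the two tests are not reordered later. The continuation line starting `memcmp(` should be indented to line up under the condition rather than under `if`.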

This is not actually broken.  The first four bytes of what memcmp is
comparing are the length, and so it'll fall out immediately anyway if
the lengths differ.

            regards, tom lane

Re: Fix memcmp() with different sizes.

From
Kurt Roeckx
Date:
On Mon, Feb 02, 2004 at 09:27:46PM -0500, Tom Lane wrote:
> Kurt Roeckx <Q@ping.be> writes:
> > -        if (memcmp(re_array[i].cre_pat, text_re, text_re_len) == 0 &&
> > +        if (VARSIZE(re_array[i].cre_pat) == text_re_len &&
> > +        memcmp(re_array[i].cre_pat, text_re, text_re_len) == 0 &&
>
> This is not actually broken.  The first four bytes of what memcmp is
> comparing are the length, and so it'll fall out immediately anyway if
> the lengths differ.

That assumes the memcmp starts from the first char and not from
the last.  If it starts from the last you have undefined
behaviour.


Kurt


Re: Fix memcmp() with different sizes.

From
Tom Lane
Date:
Kurt Roeckx <Q@ping.be> writes:
> That assumes the memcmp starts from the first char and not from
> the last.  If it starts from the last you have undefined
> behaviour.

Hmm.  I suppose you could get a reference off the end of memory;
pretty improbable but we have actually seen similar bugs in the field.
Okay, will fix.

            regards, tom lane
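
The size-then-memcmp() guard discussed in this thread, as an added example that is not part of the original messages or of PostgreSQL's source. `blob_t`, `blob_make`, `cache_find` and `unguarded_overread` are hypothetical names standing in for the length-prefixed values and the pattern cache; the sample patterns are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical length-prefixed value: total_size counts the header too. */
typedef struct {
    uint32_t total_size;
    char     data[];
} blob_t;

static blob_t *blob_make(const char *s)
{
    size_t  len = strlen(s);
    blob_t *b = malloc(sizeof(blob_t) + len);
    if (b == NULL)
        abort();
    b->total_size = (uint32_t) (sizeof(blob_t) + len);
    memcpy(b->data, s, len);
    return b;
}

/* Index of the cache entry byte-identical to key, or -1 if none. */
static int cache_find(blob_t *const *cache, int n, const blob_t *key)
{
    uint32_t key_len = key->total_size;
    for (int i = 0; i < n; i++) {
        /* Size test first: && short-circuits, so memcmp() only runs when
         * both objects really are key_len bytes long. */
        if (cache[i] != NULL && cache[i]->total_size == key_len &&
            memcmp(cache[i], key, key_len) == 0)
            return i;
    }
    return -1;
}

/* Bytes past the end of entry that memcmp(entry, key, key->total_size)
 * would be permitted to read if the size test were missing. */
static uint32_t unguarded_overread(const blob_t *entry, const blob_t *key)
{
    return key->total_size > entry->total_size
        ? key->total_size - entry->total_size : 0;
}

int main(void)
{
    blob_t *cache[2] = { blob_make("a+b"), blob_make("^[0-9]+$") };
    blob_t *key = blob_make("a+b.*longer");   /* constructed sample */
    printf("found=%d overread=%u\n", cache_find(cache, 2, key),
           (unsigned) unguarded_overread(cache[0], key));
    return 0;
}
```
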