[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Buffer over-read in l_strcmp
- From: Andrew Gierth <andrew@...>
- Date: Fri, 09 Jun 2023 20:10:42 +0100
>>>>> "Xmilia" == Xmilia Hermit <xmilia.hermit@gmail.com> writes:
Xmilia> Hi,
Xmilia> I found a buffer over-read in l_strcmp. The function uses
Xmilia> strcoll but does not account for the possibility that two
Xmilia> strings with different lengths can result in a zero retrun from
Xmilia> strcoll.
Good catch!
The behavior of strcoll even in the same locale can and often will
differ between systems and even between library versions on the same
system; but it is certainly true that it has never guaranteed that
strings of different byte length will not compare equal, which seems
to be the assumption the code is making here.
--
Andrew.