NS_strncmp returns incorrect resuts when the string is longer than aLen

RESOLVED FIXED in Firefox 59

Status

()

enhancement
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: emk, Assigned: emk)

Tracking

unspecified
mozilla59
Points:
---

Firefox Tracking Flags

(firefox59 fixed)

Details

Attachments

(1 attachment, 1 obsolete attachment)

Assignee

Description

2 years ago
No description provided.
Assignee

Comment 1

2 years ago
Posted patch Fix NS_strncmp (obsolete) — Splinter Review
Assignee: nobody → VYV03354
Status: NEW → ASSIGNED
Attachment #8938784 - Flags: review?(erahm)
Assignee

Comment 2

2 years ago
Attachment #8938784 - Attachment is obsolete: true
Attachment #8938784 - Flags: review?(erahm)
Attachment #8938786 - Flags: review?(erahm)
Comment on attachment 8938786 [details] [diff] [review]
1426989_NS_strncmp

Review of attachment 8938786 [details] [diff] [review]:
-----------------------------------------------------------------

r=me

::: xpcom/base/nsCRTGlue.cpp
@@ +116,5 @@
>      ++aStrB;
>      --aLen;
>    }
>  
> +  return aLen ? *aStrA != '\0' : 0;

Wow, good find!

::: xpcom/tests/gtest/TestCRT.cpp
@@ +47,5 @@
>    const char16_t* us1 = t1.get();
>    const char16_t* us2 = t2.get();
>  
> +  int u2, u2_n;
> +  // nsCRT::strncmp will cause buffer overrun

We should really fix that, bug 1427023 might be the right place.

@@ +89,5 @@
> +
> +  { "foo", "foobar", 3 },
> +  { "foobar", "foo", 3 },
> +  { "foobar", "foozap", 3 },
> +  { "foozap", "foobar", 3 },

Thanks for updating the tests.
Attachment #8938786 - Flags: review?(erahm) → review+

Comment 6

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/06d4983f64fe
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
You need to log in before you can comment on or make changes to this bug.