This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Patch: fix infinite loop bug in libiberty/memchr.c
- To: gcc-patches at gcc dot gnu dot org
- Subject: Patch: fix infinite loop bug in libiberty/memchr.c
- From: "Kaveh R. Ghazi" <ghazi at caip dot rutgers dot edu>
- Date: Tue, 27 Mar 2001 17:47:30 -0500 (EST)
While doing a warning sweep in libiberty, I noticed this one:
> memchr.c:53: warning: comparison of unsigned expression >= 0 is always true
Sure enough, the `length' parameter is never honored as a terminating
condition. It'll only exit the loop if the `c' parameter is found or
crash with a SEGV when it runs past valid memory.
We never got bit because (almost) all platforms have their own memchr
and I don't think gcc source code calls it anyway. Still, I think we
should fix it. :-)
Okay to apply to mainline and 3.0 branch?
--Kaveh
2001-03-27 Kaveh R. Ghazi <ghazi@caip.rutgers.edu>
* memchr.c (memchr): Adjust condition to avoid infinite loop.
diff -rup orig/egcs-CVS20010326/libiberty/memchr.c egcs-CVS20010326/libiberty/memchr.c
--- orig/egcs-CVS20010326/libiberty/memchr.c Mon Dec 14 02:00:53 1998
+++ egcs-CVS20010326/libiberty/memchr.c Tue Mar 27 16:45:42 2001
@@ -50,7 +50,7 @@ memchr (src_void, c, length)
{
const unsigned char *src = (const unsigned char *)src_void;
- while (--length >= 0)
+ while (length-- > 0)
{
if (*src == c)
return (PTR)src;