This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/12518] memcpy acts randomly (and differently) with overlapping areas

From: "vincent+libc at vinc17 dot org" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: Wed, 4 May 2011 13:32:37 +0000
Subject: [Bug libc/12518] memcpy acts randomly (and differently) with overlapping areas
Auto-submitted: auto-generated
References: <bug-12518-131@http.sourceware.org/bugzilla/>

http://sourceware.org/bugzilla/show_bug.cgi?id=12518

Vincent LefÃvre <vincent+libc at vinc17 dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |vincent+libc at vinc17 dot
                   |                            |org

--- Comment #26 from Vincent LefÃvre <vincent+libc at vinc17 dot org> 2011-05-04 13:29:06 UTC ---
(In reply to comment #18)
> The problem we're facing just made this fact plain: there is no reason why
> memcpy should not be memmove.

If these two functions should behave in the same way, then why not all
programmers use memmove (which has fewer requirements)?

If memcpy is called while the objects overlap, the bug is not necessarily that
memmove should have been used instead. The cause may be an incorrect size. So,
with this point of view, it should be safer to abort than letting the program
behave in an uncontrolled way.

(In reply to comment #25)
> So, again, I think we need at least a transition period so that people can
> detect and fix the issues.

But it may be difficult to detect the issues. For instance, zsh was affected by
a similar problem (now fixed in CVS only) with the optimized strcpy, but to
detect the problem, it involves keyboard input:

  http://www.zsh.org/mla/workers/2011/msg00533.html
  http://www.zsh.org/mla/workers/2011/msg00544.html

For strcpy, this is even worse, as there is no strmove function, so that either
programmers have to write non-portable code or they have to reimplement a naive
version of strcpy or find some other workaround, such as memmove + strlen:

  http://www.zsh.org/mla/workers/2011/msg00542.html

I suppose that if this has been done for memcpy, then strcpy should also be
patched in some way...

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]