This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Generic strlen

From: "David A. Ramos" <daramos at stanford dot edu>
To: newlib at sourceware dot org
Date: Fri, 29 Oct 2010 10:49:23 -0700
Subject: Generic strlen

Hi newlib maintainers,

Our checking tools (KLEE) keeps complaining about newlib's generic strlen version. It looks like it was patched back in May 2008 to include a speed hack that violates ISO C. It attempts to first word align the pointer, and then read a word at a time to check for a NULL:

libc/string/strlen.c:
73  /* If the string is word-aligned, we can check for the presence of                     
74     a null in each word-sized block.  */
75  aligned_addr = (unsigned long *)str;
76  while (!DETECTNULL (*aligned_addr))
77    aligned_addr++;

Obviously, this can read out of bounds if the memory allocated to that string is less than a word in length. While on most architectures this wouldn't actually cause a segfault, I don't think that's a safe assumption for the generic version of a libc routine. The same patch included an i386 target containing the same algorithm, which may be perfectly acceptable.

Thoughts?

-David

Follow-Ups:
- Re: Generic strlen
  - From: Eric Blake

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]