Hi,
I am writing to report a bug in the strrchr function of klibc.
The bug is in the C implementation of strrchr as located in the usr/klibc/
directory of the klibc repository. The klibc version was `2.0.11` and the
source code was downloaded from the Linux Kernel Archives
<https://mirrors.edge.kernel.org/pub/linux/libs/klibc/2.0/klibc-2.0.11.tar.gz>
.
Please find a detailed report below.
Linux[0] manpage for strrchr() specifies that the terminating null byte is
considered part of the string, so that if c is specified as '\0', this
function returns a pointer to the terminator. klibc's implementation does
not follow this and thus gives wrong output when `c' is '\0'.
An example input is:
const char src[] = {128, '\0'};
char *ret = strrchr(src, 0);
if (!ret) {
printf("BUG!\n");
}
The file that demonstrates the bug can be found here
<https://github.com/compilerai/bug-reports/blob/master/bug_files/klibc_strrchr_bug.c>
.
0: https://man7.org/linux/man-pages/man3/strchr.3.html
Thanks,
Jai Arora, Abhishek Rose, Shubhani Gupta, Sorav Bansal
CompilerAI Research Group
IIT Delhi, India
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.zytor.com/archives/klibc/attachments/20221228/54473825/attachment.htm>
On Wed, 2022-12-28 at 17:01 +0530, Bugs Reporter wrote:> Hi, > > I am writing to report a bug in the strrchr function of klibc. > The bug is in the C implementation of strrchr as located in the usr/klibc/ > directory of the klibc repository. The klibc version was `2.0.11` and the > source code was downloaded from the Linux Kernel Archives > <https://mirrors.edge.kernel.org/pub/linux/libs/klibc/2.0/klibc-2.0.11.tar.gz> > . > Please find a detailed report below. > > Linux[0] manpage for strrchr() specifies that the terminating null byte is > considered part of the string, so that if c is specified as '\0', this > function returns a pointer to the terminator. klibc's implementation does > not follow this and thus gives wrong output when `c' is '\0'. > An example input is: > const char src[] = {128, '\0'}; > char *ret = strrchr(src, 0); > if (!ret) { > printf("BUG!\n"); > } > > The file that demonstrates the bug can be found here > <https://github.com/compilerai/bug-reports/blob/master/bug_files/klibc_strrchr_bug.c> > > 0: https://man7.org/linux/man-pages/man3/strchr.3.htmlThank you for your report! I've fixed this bug: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=61d2ea539c88f7862b3992b9a00daaedb6bb68ef and added test cases for the various string search functions: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9707c6b8d4e6292482bd159458d426cdf2ca9d33 Ben. -- Ben Hutchings Always try to do things in chronological order; it's less confusing that way. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: This is a digitally signed message part URL: <https://lists.zytor.com/archives/klibc/attachments/20221230/dae12d0d/attachment.sig>