Bug 500136 - memchr(ptr,c,0) makes invalid memory access
Product: Fedora
Classification: Fedora
Component: glibc
x86_64 Linux
low Severity medium
Assigned To: Jakub Jelinek
Fedora Extras Quality Assurance
Reported: 2009-05-11 07:13 EDT by Bruno Haible
Modified: 2009-05-11 19:37 EDT
Doc Type: Bug Fix
Last Closed: 2009-05-11 19:37:24 EDT

Attachments:
test case (653 bytes, text/plain), 2009-05-11 07:14 EDT, Bruno Haible
Description Bruno Haible 2009-05-11 07:13:13 EDT
Description of problem:

memchr(ptr,c,0) makes a memory access to *ptr. But according to ISO C 99, memchr(ptr,c,n) must only access the n bytes starting at ptr, not the n+1 bytes starting at ptr. For n=0, it means no memory access to *ptr at all.

Version-Release number of selected component (if applicable):

How reproducible:

Compile and run the attached program.

Steps to Reproduce:
1. gcc -O -Wall memchr-bug.c
2. ./a.out

Actual results:

Segfaults inside memchr:

    memchr () at ../sysdeps/x86_64/memchr.S:31
    31              movdqa  (%rdi), %xmm0

Expected results:

Exits normally with exit code 0.

Additional info:

This may be the same bug as

A related but different issue is
Comment 1 Bruno Haible 2009-05-11 07:14:03 EDT
Created attachment 343427
test case
Comment 2 Jakub Jelinek 2009-05-11 19:37:24 EDT
Fixed in glibc-2.10.1 in rawhide.
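
A regression check for the behaviour reported above, added here as an example; it is not the attached test case, whose contents are not shown on this page. It places the pointer at the start of a `PROT_NONE` page so that any read of `*ptr` faults, and runs the call in a child process so a crash is reported as a result instead of killing the checker. The names `guard_boundary` and `probe_memchr` are hypothetical.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Map two pages, make the second inaccessible, and return its address.
   The returned pointer is one past the end of the readable page. */
static char *guard_boundary(void)
{
    long page = sysconf(_SC_PAGESIZE);
    char *base = mmap(NULL, 2 * page, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED) return NULL;
    if (mprotect(base + page, page, PROT_NONE) != 0) return NULL;
    memset(base, 'x', page);          /* readable page never contains 'a' */
    return base + page;
}

/* Search the n bytes that end exactly at the inaccessible page.
   Returns 0 = conforming, 1 = child killed by a signal (out-of-bounds
   access), 2 = unexpected non-NULL result, -1 = setup failure. */
int probe_memchr(size_t n)
{
    char *edge = guard_boundary();
    if (!edge) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* volatile function pointer: force a real call into libc */
        void *(*volatile fn)(const void *, int, size_t) = memchr;
        void *r = fn(edge - n, 'a', n);
        _exit(r == NULL ? 0 : 2);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    if (WIFSIGNALED(status)) return 1;
    return WEXITSTATUS(status);
}

int main(void)
{
    int rc0 = probe_memchr(0);        /* the case from this report */
    int rc16 = probe_memchr(16);      /* n bytes ending at the boundary */
    printf("n=0: %d, n=16: %d\n", rc0, rc16);
    return (rc0 == 0 && rc16 == 0) ? 0 : 1;
}
```

On a libc with the defect described in this report, `probe_memchr(0)` returns 1 because the child takes the fault on the load from the guard page.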
