On Sat, Nov 22, 2014 at 01:27:19PM +0000, Christian Weisgerber wrote:
> In the words of the memcpy(3) man page:
> The memcpy() function copies len bytes from buffer src to buffer dst. If
> the two buffers may overlap, memmove(3) must be used instead.
>
> There is a suspicion that people have been lax about the restriction
> on overlapping buffers. Courtesy of tedu@, below is a patch that
> causes memcpy(3) to abort(3) the program outright when an overlap
> is found.
>
> I'm currently running an amd64 bulk build with this and will
> incrementally report on the results.
>
> Index: bcopy.c > =================================================================== > RCS file: /cvs/src/lib/libc/string/bcopy.c,v > retrieving revision 1.5 > diff -u -p -r1.5 bcopy.c > --- bcopy.c 8 Aug 2005 08:05:37 -0000 1.5 > +++ bcopy.c 20 Nov 2014 22:42:33 -0000 > @@ -32,6 +32,7 @@ > */ > > #include <string.h> > +#include <stdlib.h> > > /* > * sizeof(word) MUST BE A POWER OF TWO > @@ -67,6 +68,11 @@ bcopy(const void *src0, void *dst0, size > if (length == 0 || dst == src) /* nothing to do */ > goto done; > > +#ifdef MEMCOPY > + if ((dst < src && dst + length > src) || > + (src < dst && src + length > dst)) > + abort(); > +#endif > /* > * Macros: loop-t-times; and loop-t-times, t>0 > */
>
> --
> Christian "naddy" Weisgerber na...@mips.inka.de

Doesn't recent gcc include checks for builtin memcpy/memmove?
Maybe it's possible to have some more aborts at compile time.
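
Review bot: in the second hunk of the quoted bcopy.c patch, the new MEMCOPY check sits after the existing "if (length == 0 || dst == src)" early exit, so a call whose src and dst are the same pointer with a nonzero length (a complete overlap) still jumps to done without aborting. If that exemption is intended, a comment next to the check should say so; otherwise the overlap test needs to come before the early exit. The bare abort() also leaves no record of why the program died, which matters in a bulk build where many unrelated programs may trip it, so emitting a short message before aborting would make the failures attributable to this check. Finally, "dst + length > src" and "src + length > dst" depend on the pointer sums not wrapping for a very large length; comparing the distance between the two pointers against length avoids forming the sum at all.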