fix theoretical out-of-bound access in dynamic linker

one of the arguments to memcmp may be shorter than the length l-3, and memcmp is under no obligation not to access past the first byte that differs. instead use strncmp which conveys the correct semantics. the performance difference is negligible here and since the code is only use for shared libc, both functions are already linked anyway.

fix theoretical out-of-bound access in dynamic linker
one of the arguments to memcmp may be shorter than the length l-3, and memcmp is under no obligation not to access past the first byte that differs. instead use strncmp which conveys the correct semantics. the performance difference is negligible here and since the code is only use for shared libc, both functions are already linked anyway.
27593d3a · Rich Felker · f8c376da · 27593d3a
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

src/ldso/dynlink.c src/ldso/dynlink.c +1 -1

未找到文件。
--- a/src/ldso/dynlink.c
+++ b/src/ldso/dynlink.c
@@ -467,7 +467,7 @@ static struct dso *load_library(const char *name)
 		char *z = strchr(name, '.');
 		if (z) {
 			size_t l = z-name;
-			for (rp=reserved; *rp && memcmp(name+3, rp, l-3); rp+=strlen(rp)+1);
+			for (rp=reserved; *rp && strncmp(name+3, rp, l-3); rp+=strlen(rp)+1);
 			if (*rp) {
 				if (ldd_mode) {
 					/* Track which names have been resolved