Skip to content

Commit

Permalink
Fix potential out-of-bounds access in strncmp()
Browse files Browse the repository at this point in the history
The current strncmp() implementation may continue comparing strings
when they are identical and shorter than 'len', leading to potential
out-of-bounds memory access. For example, strncmp("abc", "abc", 5)
could access memory beyond the end of the strings.

Add a check to return 0 if the end of either string is reached before
'len', preventing unintended memory access.
  • Loading branch information
visitorckw committed Aug 10, 2024
1 parent c56c590 commit a809eba
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 2 deletions.
2 changes: 2 additions & 0 deletions lib/c.c
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,8 @@ int strncmp(char *s1, char *s2, int len)
return -1;
if (s1[i] > s2[i])
return 1;
if (!s1[i])
return 0;
i++;
}
return 0;
Expand Down
2 changes: 1 addition & 1 deletion tests/snapshots/fib.json

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion tests/snapshots/hello.json

Large diffs are not rendered by default.

0 comments on commit a809eba

Please sign in to comment.