https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7304
Karsten Bräckelmann <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #4 from Karsten Bräckelmann <[email protected]> --- OK, that blog post shows that memcmp under some very specific conditions and implementation can in fact read past the differing character, accessing out-of-bounds memory. It does, however, *not* show that strncmp is immune to this. FWIW, does the definition of strncmp include that specification detail that memchr features but memcmp does not? I don't have a copy of the various C standards handy... (In reply to Hanno Boeck from comment #3) > Ultimately it doesn't hurt to fix it and it improves testability, as ASAN > complains about these types of errors. Granted. Committed to trunk and stable 3.4 branch. Sending spamc/getopt.c Committed revision 1804326. Sending spamc/getopt.c Committed revision 1804327. Thanks again for the report, Hanno. Closing RESOLVED FIXED. -- You are receiving this mail because: You are the assignee for the bug.
