On Mon, Dec 06, 2021 at 03:09:05PM -0700, Theo de Raadt wrote:
> + * Use memmove(3) instead of memcpy(3), just in case key
> + * partially overlaps with the end of the array.
>
> It isn't a "just in case", as in a possibility.
?
> It is guaranteed this condition will happen.
I don't follow you. I would expect this to basically never happen.
It's user error. We're well outside of "defined behavior" here, I'm
just trying to make lsearch(3) do the best thing in a bad situation.
Like, I can write a program to demonstrate the problem, but this is
not something you would ever do intentionally.
> I don't like how these conditions are described as odd-cases, that
> isn't how machines actually work, and I think it should be described
> in a stronger sense.
This?
Index: lsearch.c
===================================================================
RCS file: /cvs/src/lib/libc/stdlib/lsearch.c,v
retrieving revision 1.5
diff -u -p -r1.5 lsearch.c
--- lsearch.c 18 Jul 2014 04:16:09 -0000 1.5
+++ lsearch.c 7 Dec 2021 01:28:58 -0000
@@ -79,6 +79,11 @@ linear_base(const void *key, const void
* manual.
*/
++*nelp;
- memcpy((void *)end, key, width);
+
+ /*
+ * Use memmove(3) to ensure the key is copied cleanly into the
+ * array, even if the key overlaps with the end of the array.
+ */
+ memmove((void *)end, key, width);
return((void *)end);
}
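Review bot: the new comment at the memmove(3) call still hedges ("even if the key overlaps with the end of the array"), which is the same "odd case" framing the quoted reply objected to. State it in the stronger sense the thread asks for: callers legitimately pass a key that aliases the free slot at `end`, so the copy overlaps and memcpy(3) is undefined there, which is why memmove(3) is required. Since the surrounding comment points at the manual, the lsearch(3) page should also say that the key may alias the slot just past the table's current end.

The aliasing pattern discussed above, written out as an added C example (not OpenBSD libc code and not from the original message): a minimal lsearch(3)-style search that appends the key with memmove(3), driven by a caller that fills the free slot at the end of the table and passes that very slot as the key, so the append is an overlapping copy. The names `demo_lsearch`, `demo_run`, `demo_id_at`, `struct rec` and the sample ids are assumptions for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Added example, not libc code: an lsearch(3)-style linear search that
 * appends the key when it is missing. The append uses memmove(3) because
 * the key may alias the slot just past the current end (key == end);
 * memcpy(3) has undefined behavior for that overlapping copy.
 */
static void *
demo_lsearch(const void *key, void *base, size_t *nelp, size_t width,
    int (*compar)(const void *, const void *))
{
	char *p = base;
	char *end = p + *nelp * width;

	for (; p < end; p += width)
		if (compar(key, p) == 0)
			return p;

	/* Not found: append. key may point at end itself. */
	++*nelp;
	memmove(end, key, width);
	return end;
}

struct rec {
	int id;
	char name[16];
};

static int
cmp_rec(const void *a, const void *b)
{
	const struct rec *ra = a, *rb = b;

	/* Compare by id only; avoids overflow of a plain subtraction. */
	return (ra->id > rb->id) - (ra->id < rb->id);
}

#define CAP 8
static struct rec table[CAP];
static size_t count;

/*
 * Caller pattern under discussion: write the candidate record into
 * table[count] (the free slot at the end) and pass that slot as the key.
 * If the id is already present the slot is left as scratch; otherwise
 * the search appends it in place. Returns the final element count.
 */
size_t
demo_run(void)
{
	static const int ids[] = { 7, 3, 7, 9, 3, 1 };	/* constructed input */
	size_t i;

	count = 0;
	for (i = 0; i < sizeof(ids) / sizeof(ids[0]); i++) {
		if (count >= CAP)	/* no free slot: caller must check */
			break;
		struct rec *slot = &table[count];
		slot->id = ids[i];
		snprintf(slot->name, sizeof(slot->name), "rec%d", ids[i]);
		/* key aliases end: the append is an overlapping copy */
		demo_lsearch(slot, table, &count, sizeof(*slot), cmp_rec);
	}
	return count;	/* 4: ids 7, 3, 9, 1 */
}

int
demo_id_at(size_t i)
{
	return i < count ? table[i].id : -1;
}

int
main(void)
{
	size_t n = demo_run(), i;

	for (i = 0; i < n; i++)
		printf("%zu: %d %s\n", i, table[i].id, table[i].name);
	return 0;
}
```

Replacing the memmove(3) in demo_lsearch with memcpy(3) leaves the program looking fine on most compilers, which is the point: the overlapping copy is undefined rather than visibly broken, so the callee has to use memmove(3) to make the aliasing pattern safe.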