Attention is currently required from: Maximilian Brune, Yu-Ping Wu.
Julius Werner has posted comments on this change by Yu-Ping Wu. ( https://review.coreboot.org/c/coreboot/+/83914?usp=email )
Change subject: commonlib/bsd/string: Fix pointer overflow for strnlen()
Patch Set 1:
(1 comment)
File src/commonlib/bsd/string.c:
https://review.coreboot.org/c/coreboot/+/83914/comment/1d1787be_bfaad2e2?usp... : PS1, Line 19: str + maxlen + 1
That's algorithmically incorrect in some edge cases, for example when `str = UINTPTR_MAX` and `maxle […]
Hmm... I don't think anyone should ever call this with a string beginning at the last byte of the address space, that just seems wrong to begin with (and that's the only flaw I can see in my suggestion). Even with your code it would still dereference address 0 to look for the terminating '\0' in that case. (In fact, your code generally dereferences one more byte than specified -- shouldn't the `len < maxlen` check come first?)
But okay, this seems to be breaking a lot of things so let's get at least some fix landed already while we can continue to discuss edge cases.
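A bounded-length loop that performs the `len < maxlen` check before every dereference and never forms an end pointer such as `str + maxlen + 1`, added here as an illustration for this thread; it is not code from the coreboot change, and `bounded_strnlen`, `bytes_examined` and `unterminated_case` are names chosen for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Test instrumentation only: counts bytes actually read so a caller can
 * verify that str[maxlen] is never touched. Not part of a real strnlen. */
static size_t bytes_examined;

size_t bounded_strnlen_bytes_examined(void)
{
	return bytes_examined;
}

/* Bounded strlen driven by an index, not an end pointer: no expression of
 * the form str + maxlen is ever computed, so pointer arithmetic cannot wrap
 * no matter where str sits in the address space, and the bound is checked
 * before each read, so at most maxlen bytes are examined. */
size_t bounded_strnlen(const char *str, size_t maxlen)
{
	size_t len = 0;

	bytes_examined = 0;
	while (len < maxlen) {		/* bound check first, then read */
		bytes_examined++;
		if (str[len] == '\0')
			break;
		len++;
	}
	return len;
}

/* Constructed edge case: a 3-byte buffer with no terminator and maxlen == 3.
 * Returns 1 when the result is 3 and exactly 3 bytes were read (byte index 3
 * was never dereferenced), 0 otherwise. */
int unterminated_case(void)
{
	char buf[3] = { 'x', 'y', 'z' };	/* deliberately not NUL-terminated */
	size_t len = bounded_strnlen(buf, sizeof(buf));

	return len == 3 && bounded_strnlen_bytes_examined() == 3;
}
```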