Attention is currently required from: Julius Werner, Maximilian Brune.
Yu-Ping Wu has posted comments on this change by Yu-Ping Wu. ( https://review.coreboot.org/c/coreboot/+/83914?usp=email )
Change subject: commonlib/bsd/string: Fix pointer overflow for strnlen()
......................................................................
Patch Set 1:
(1 comment)
File src/commonlib/bsd/string.c:
https://review.coreboot.org/c/coreboot/+/83914/comment/9b5feddc_34eb4f35?usp... :
PS1, Line 19: str + maxlen + 1
edit: sorry, that was supposed to be `MIN()`, of course. Actually, neither of those is great. Hmmm.. […]
That's algorithmically incorrect in some edge cases, for example when `str = UINTPTR_MAX` and `maxlen = 1`. I've considered different ways to write the code, but all of them don't seem to be better than the counter approach.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/83914?usp=email
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings?usp=email
Gerrit-MessageType: comment
Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: Ic9d983b11391f5e05c2bceb262682aced5206f94
Gerrit-Change-Number: 83914
Gerrit-PatchSet: 1
Gerrit-Owner: Yu-Ping Wu
yupingso@google.com
Gerrit-Reviewer: Julius Werner
jwerner@chromium.org
Gerrit-Reviewer: Mario Scheithauer
mario.scheithauer@siemens.com
Gerrit-Reviewer: Maximilian Brune
maximilian.brune@9elements.com
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-Attention: Julius Werner
jwerner@chromium.org
Gerrit-Attention: Maximilian Brune
maximilian.brune@9elements.com
Gerrit-Comment-Date: Thu, 15 Aug 2024 06:33:21 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Julius Werner
jwerner@chromium.org