Xen project Mailing List

Re: [PATCH] xen/lib: Fix strcmp() and strncmp()

From: Jane Malalane <jane.malalane@xxxxxxxxxx>

Date: Fri, 30 Jul 2021 07:52:38 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8QjFPSY0B5275zDvKPyFT9zPWs3HZY/3+OhLTyWuCWo=; b=DqR9yHZTdBTgZEVrWJRkmny5mV4MuDv+8Y6G4P1N7bJNJQPoIcB0zrX3P92MAdCokQME634NGH/aJYnMJzXkfXU25F8SJ8Jo/PKe7ZL3cMctyPGuErFI8pS8XxMRvyfTVxp3KWwr2qBAMyH8ZptB/h0m4iyCYfPIkWTtDJgCKn5aXEDRRCGCMP8wZtLajy9JKllDmAylAcvnyibDwVgTM1glT40B+qBCMbcHu2N9vik1zkVOgyZfn99ZL7KcupUN4hrnrH6hezSZ1ejr/UFVMh2vMiT2ZRAoX5gKj1Zl7RlGdCmxgHtIAfIHB79X8uFbb0FLimPVmTIwX/TcCAysIA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=m+cK7JaT2yb5ILJi2M8SsNNTmGQcRKQaCPk1/oYftUP7WSOPDJQdT5OJEOc+x2j2dnDBU6PHkzu3gc18EVsKdL4zOWJ07vvVOrbHWwlXQ72amO6YgMlwbbWM8mJmpvaHJo9LzL+zrfbhXVRPUeHmmFx5Ayrbcx6pShA3GAktdyeFurTr2Sxpd4gjMaKOnWWMYIKpERt0ZHXGtyWJrHU5mqnDKjF0KIMTT/US4Mi2UCHlDCwQixQrKgvAWBKgiQEbR9fSAg/P8W8lYzx9MVw09vF5v8HDylYY3nZIkGAvvQlY8sll5plv9Voelzcmiu+bqA7UbGRs+AuPVJ6NU0MOow==

Authentication-results: esa3.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Fri, 30 Jul 2021 06:53:06 +0000

Ironport-hdrordr: A9a23:Dzny8aiy/Q09xF+I6KGONqggZ3BQX1B13DAbv31ZSRFFG/FwyP rBoB1L73DJYWgqNE3I+erhBEGBKUmskqKdkrNhQotKPTOWxFdASbsC0WKM+UyaJ8STzJ8l6U 4kSdkCNDSSNykLsS+Z2njBLz9I+rDum8rE9ISurQYecegpUdAH0+4QMHfrLqQcfngiOXNWLu v52iMKnUvbRZxBBf7LeEXtEtKz6OHjpdbDW1orFhQn4A6BgXeB76P7KQGR2lM7XylUybkv3G DZm0ihj5/T8s2T+1v57Sv+/p5WkNzuxp9qA9GNsNEcLnHJhhyzbIpsdrWetHQeof2p6nwtjN 7Qyi1Qcfhb2jf0RCWYsBHt0w7v3HIH7GLj80aRhT/ZrcnwVFsBeoB8rLMcViGcx1srvdl63q 4O9XmerYBrARTJmzm4z8TUVjlx/3DE40YKoKo2tThyQIEeYLheocg050VOCqoNGyr89cQODP RuNsfB//xbGGnqLEwxhlMfhOBEY05DWStvGiM5y4qoOnlt7TBEJnIjtYkidixqzuNld3EsjN 60QZiBl9l1P4QrhOxGdb88qWbeMB26ffv2ChPnHb3QLtBOB5v8ke+D3FwL3pDcRHUp9up+pH 2TaiIViYYNE3ieQPFmmqc7qSzwfA==

Ironport-sdr: /TqDw8dMkyNiJuPVFiQKcbdtDzPIoxFAYI3D8fXeW6pj+WK8xxRk5a3iLmxdYMyqfhCnyLZhA3 ISb+1MP4CMfdm68D4yIxJ82d6b04jQHSjeuSydNXZttgIT2t/PHkWhX9BdtYEooebNckZj77vC uGM9s7VxYeNTs2u/heZ06e89ftEcp6pdyp5K+OoI7RiqjOdSPuOqjPHX3ENTR8Oih5rd3wxNJd GKp3GbGfhVbRuio6CmanZ8Y0z0RScPWc3IUaXvdefA27sQycveZheMwHVadGRvZfOMDuQ92ohw qIZWFJPFxr6zAt2qKLIUDpzT

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 28/07/2021 11:42, Ian Jackson wrote:

[CAUTION - EXTERNAL EMAIL] DO NOT reply, click links, or open attachments unless you have verified the sender and know the content is safe.

Jane Malalane writes ("[PATCH] xen/lib: Fix strcmp() and strncmp()"):

The C standard requires that each character be compared as unsigned
char. Xen's current behaviour compares as signed char, which changes
the answer when chars with a value greater than 0x7f are used.

Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Signed-off-by: Jane Malalane <jane.malalane@xxxxxxxxxx>

Thanks for this.

What are the practical effects of this bug ?  AFAICT in the hypervisor
code all the call sites simply test for zero/nonzero.

Of course we should fix this because

-		if ((__res = *cs - *ct++) != 0 || !*cs++)

this substraction is UB if it overflows.  So in theory the compiler
could miscompile it - although in practice I can't see how the
assumption that this doesn't overflow would "help" the compiler.

Ian.



This fix was just to make the code spec compliant and mainly for practice as I'm currently being introduced to Xen.

Jane

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.