[hackers] [sic] util: trim() fix for UB on pointer arithmetic || Hiltjo Posthuma

From: <git_AT_suckless.org>
Date: Thu, 6 May 2021 18:42:25 +0200 (CEST)

commit 058547e707e961e0cb7f8af4877f1b92f4c6d888
Author: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
AuthorDate: Thu May 6 12:18:21 2021 +0200
Commit: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
CommitDate: Thu May 6 12:20:30 2021 +0200

    util: trim() fix for UB on pointer arithmetic
    
    Follow-up fix on commit df4c0611366bf361fa263fbc57009cbe68456855
    
    "
    While it is true reversing the condition solves a single-byte read at
    one before s, there is a second instance of UB.
    
    Having a pointer to one before an object is in and of itself UB in C, it's
    on the side of language lawyering, but it's UB.
    I add here a quote from a C standard draft:
    > When an expression that has integer type is added to or subtracted
    > from a pointer, the result has the type of the pointer operand.
    > If both the pointer operand and the result point to elements of the
    > same array object, or one past the last element of the array object,
    > the evaluation shall not produce an overflow; otherwise, the
    > behavior is undefined.
    Taken from: http://www.iso-9899.info/n1570.html#6.5.6p8
    "
    
    Thanks Guilherme Janczak <guilherme.janczak_AT_yandex.com>

diff --git a/util.c b/util.c
index cb966d4..8cea883 100644
--- a/util.c
+++ b/util.c
_AT_@ -60,8 +60,7 @@ static void
 trim(char *s) {
         char *e;
 
- e = s + strlen(s) - 1;
- while(e > s && isspace((unsigned char)*e))
- e--;
- *(e + 1) = '\0';
+ for (e = s + strlen(s); e > s && isspace((unsigned char)*(e - 1)); e--)
+ ;
+ *e = '\0';
 }
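Review bot: the empty-bodied for loop on the added lines hides the invariant this fix depends on, namely that e never drops below s because the condition reads *(e - 1) first and only then decrements. A one-line comment saying so, or the equivalent `while (e > s && isspace((unsigned char)e[-1])) e--;`, would make it harder for a later cleanup to bring back the s + strlen(s) - 1 form, which computes s - 1 when the string is empty. The empty-string case itself is handled by the new lines: e == s, the loop body never runs, and *e = '\0' rewrites the existing terminator in place.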
Received on Thu May 06 2021 - 18:42:25 CEST
