[Toybox] [PATCH] xargs: fix for 32-bit.
enh
enh at google.com
Mon Jul 29 12:05:18 PDT 2019
ping?
On Fri, Jul 26, 2019 at 2:32 PM enh <enh at google.com> wrote:
>
> This affects both arm and x86, causing a signed comparison rather than
> an unsigned one.
>
> Here's arm:
>
> if (data <= (char *)2) data = 0;
> 51ecc: 2902 cmp r1, #2
> 51ece: d905 bls.n 51edc <xargs_main+0x158>
>
> if ((long)data <= 2) data = 0;
> 51ecc: 2902 cmp r1, #2
> 51ece: dc02 bgt.n 51ed6 <xargs_main+0x152>
>
> And x86 was similar (and was where I first stumbled across this bug):
>
> if (data <= (char *)2) data = 0;
> 73ad7: 83 f8 02 cmp $0x2,%eax
> 73ada: 76 12 jbe 73aee <xargs_main+0x223>
>
> if ((long)data <= 2) data = 0;
> 73ad7: 83 f8 02 cmp $0x2,%eax
> 73ada: 7e 12 jle 73aee <xargs_main+0x223>
>
> For some reason, on the desktop I seem to see heap addresses low enough
> to not appear negative, whereas Android seems to fail every time.
> jemalloc is presumably more likely to allocate high?
>
> While I'm here, make it clearer that we're ignoring the allocated length
> argument to getdelim(), and stop storing the actual length at all
> because we don't use it afterwards. This wasn't _wrong_, but it was a
> red herring when I started debugging.
> ---
> toys/posix/xargs.c | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
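The two comparisons quoted in the commit message, as an added example that is not part of the original post or of toybox: it models a 32-bit pointer as uint32_t so that it behaves the same on a 64-bit host, and shows which addresses the signed form would zero. The type name, function names and sample addresses are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* A 32-bit pointer modelled as uint32_t, so the result is the same on a
 * 64-bit build host. ptr32_t is a name made up for this example. */
typedef uint32_t ptr32_t;

/* Shape of `(long)data <= 2` with a 32-bit long: signed compare (bgt/jle).
 * The uint32_t -> int32_t conversion wraps on gcc and clang. */
static int small_signed(ptr32_t p) { return (int32_t)p <= 2; }

/* Shape of `data <= (char *)2`: unsigned compare (bls/jbe). */
static int small_unsigned(ptr32_t p) { return p <= 2u; }

/* Constructed sample addresses, not taken from a real process. */
static const ptr32_t SAMPLE[] = {
    0x00000000u, 0x00000001u, 0x00000002u, 0x00000003u,
    0x08049000u,            /* low heap: top bit clear */
    0x7fffffffu,            /* largest address that is still positive */
    0x80000000u,            /* first address that reads as negative */
    0xb6f01000u,            /* high heap: top bit set */
    0xffffffffu,
};
#define SAMPLE_LEN (sizeof SAMPLE / sizeof SAMPLE[0])

/* Count addresses the signed test would zero although they are above 2. */
static size_t count_wrongly_zeroed(const ptr32_t *a, size_t n) {
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (small_signed(a[i]) && !small_unsigned(a[i])) bad++;
    return bad;
}

int main(void) {
    for (size_t i = 0; i < SAMPLE_LEN; i++)
        printf("0x%08x signed=%d unsigned=%d\n", (unsigned)SAMPLE[i],
               small_signed(SAMPLE[i]), small_unsigned(SAMPLE[i]));
    printf("wrongly zeroed: %zu of %zu\n",
           count_wrongly_zeroed(SAMPLE, SAMPLE_LEN), (size_t)SAMPLE_LEN);
    return 0;
}
```

Every address with the top bit set fails the signed test, which fits the report that a heap placed high in the address space fails every time.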