debuginfod: sqlite3_sharedprefix_fn should not compare past end of string

Message ID 20211204214157.277233-1-mark@klomp.org
State Committed
Series debuginfod: sqlite3_sharedprefix_fn should not compare past end of string

Commit Message

Mark Wielaard Dec. 4, 2021, 9:41 p.m. UTC
  gcc address sanitizer detected a read after the end of string in
sqlite3_sharedprefix_fn. Make sure to stop comparing the strings when
seeing the zero terminator.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 debuginfod/debuginfod.cxx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
  

Comments

Mark Wielaard Dec. 5, 2021, 5:09 p.m. UTC | #1
On Sat, Dec 04, 2021 at 05:54:07PM -0500, Frank Ch. Eigler wrote:
> > gcc address sanitizer detected a read after the end of string in
> > sqlite3_sharedprefix_fn. Make sure to stop comparing the strings when
> > seeing the zero terminator.
> 
> Yup, OK.

Thanks, pushed.

Mark
  

Patch

diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index bb8322db..154f14ba 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -3704,7 +3704,7 @@  static void sqlite3_sharedprefix_fn (sqlite3_context* c, int argc, sqlite3_value
       const unsigned char* a = sqlite3_value_text (argv[0]);
       const unsigned char* b = sqlite3_value_text (argv[1]);
       int i = 0;
-      while (*a++ == *b++)
+      while (*a != '\0' && *b != '\0' && *a++ == *b++)
         i++;
       sqlite3_result_int (c, i);
     }
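
Review bot: In the new `while` condition, the `*b != '\0'` test is redundant: once `*a` is known to be non-zero, `*a++ == *b++` already fails when `*b` is the terminator, so `while (*a != '\0' && *a++ == *b++)` stops at the same point without reading further. The post-increments inside the condition also make the bound hard to see; indexing with the existing counter, as in `while (a[i] != '\0' && a[i] == b[i])` with `i++` in the body, states it more directly and leaves `a` and `b` untouched. Separately, `sqlite3_value_text` can return NULL (SQL NULL value or out of memory) and the visible lines dereference `a` and `b` without a check, so confirm that the code above this hunk rules that out. A one-line comment saying why the terminator test is there would help keep it from being simplified away later.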