stricks icon indicating copy to clipboard operation
stricks copied to clipboard

Published 20 hours ago verified publisher icon alcover

undefined behavior in grow()

Open phillipwood opened this issue 2 years ago • 2 comments

I saw the link to this project on hacker news, it looks interesting. One thing I noticed was that in grow() it has

// TYPE1 -> TYPE4
RELOC(4)
memcpy (newdata, DATA(newhead, TYPE1), dims.len+1);

the result of memcpy() is undefined when the source and destination overlap, this should use memmove() instead. One a related note the code to grow a string seems to be duplicated in a different form in resize(), perhaps that could call grow() instead.

phillipwood avatar Mar 08 '22 12:03 phillipwood

Hello I didn't consider realloc may simply expand in-place. Nice find ! I'll look into it.

About reusing grow(), it's specialized in increase-only. But you're right the code needs maybe refactoring.

If you wanna PR or be a contributor, I'd be glad. A new simpler version is coming though. Maybe we'll see later ?

Thx a lot

alcover avatar Mar 08 '22 14:03 alcover

Phillip, i've been busy all this time but I'll work on your find soon.

alcover avatar Jun 03 '22 09:06 alcover