lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 23 Dec 2018 12:13:43 +0900
From:   Namhyung Kim <namhyung@...nel.org>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Ingo Molnar <mingo@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Joe Perches <joe@...ches.com>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Tom Zanussi <zanussi@...nel.org>,
        Andreas Schwab <schwab@...ux-m68k.org>, kernel-team@....com
Subject: Re: [PATCH v4] string.h: Add str_has_prefix() helper function

On Sat, Dec 22, 2018 at 12:24:54PM -0500, Steven Rostedt wrote:
> On Sat, 22 Dec 2018 12:23:35 -0500
> Steven Rostedt <rostedt@...dmis.org> wrote:
> 
> > On Sat, 22 Dec 2018 12:19:11 -0500
> > Steven Rostedt <rostedt@...dmis.org> wrote:
> > 
> > > Because memcmp() isn't required to test byte by byte. In fact, most
> > > implementations don't which is why memcmp is faster than strcncmp.  
> > 
> > In fact, if memcmp() was safe to use if we only knew the size of one of
> > the parameters, then there would be no reason for strncmp to exist.
> >
> 
> Also, I believe there are some memcmp implementations that start at the
> end of the memory locations, not the beginning. That is, it compares
> backwards. Which is also legit for memcmp to do.

I'm not sure, the man page says:

    RETURN VALUE
       The memcmp() function returns an integer less than, equal to,
       or greater than zero if the first n bytes of s1 is found,
       respectively, to be less than, to match, or be greater than
       the first n bytes of s2.

       For a nonzero return value, the sign is determined by the sign
       of the difference between the first pair of bytes (interpreted
       as unsigned char) that differ in s1 and s2.

       If n is zero, the return value is zero.


It should return difference in the first pair of bytes that differ so
I guess implementations should compare from the beginning.

Thanks,
Namhyung

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ