valke@wundt.psy.vu.nl (Peter Valkenburg) (01/13/90)
Hello,

strncmp() in the MINIX ansi library (not the assembly package) contains a very annoying bug. Occasionally it copies a nul character too many. I found this out trying to fix what I thought was a bug in who(1). It turned out login on 1.5.0 overwrote a stack variable because of the buggy strncpy, and messed up the wtmp file in the process. A gross bug in such an important routine - it's enough to drive you paranoid...

Anyway, here's the cdiff to /usr/src/lib/ansi/strncpy.c. You have to at least recompile login. I haven't bothered to find out about other stuff that depends on this. You won't have this problem if you used the assembly string stuff posted recently.

Bye,
Peter Valkenburg (valke@psy.vu.nl).

--------------cut here--------------cut here--------------cut here------------
*** strcpy.old Sat Jan 13 03:02:19 1990 --- strncpy.c Sat Jan 13 03:07:12 1990 *************** *** 15,21 **** dscan = dst; sscan = src; count = n; ! while (count > 0 && (*dscan++ = *sscan++) != '\0') count--; while (count > 0) { *dscan++ = '\0'; count--; } --- 15,25 ---- dscan = dst; sscan = src; count = n; ! while (count > 0) { ! count--; ! if ((*dscan++ = *sscan++) == '\0') ! break; ! } while (count > 0) { *dscan++ = '\0'; count--; }
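
Review bot: the rewritten copy loop (new lines 18-22) carries no comment stating that the terminating '\0' has to be counted against n, which is exactly the invariant the old one-line `while (count > 0 && (*dscan++ = *sscan++) != '\0')` broke by skipping `count--` on the nul; a one-line comment above `count--;` would keep someone from folding the test back into the loop condition later. The header also pairs `*** strcpy.old` with `--- strncpy.c`, so the old-file name does not match the file being patched and is worth correcting before this is applied. Since the message says only login was rebuilt and other users of this routine were not checked, everything linked against this strncpy.c should be listed and recompiled with it.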
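
The one-byte overwrite described in the post, shown as an added example that is not part of the original post or the MINIX source. The two loops from the cdiff are wrapped in hypothetical functions `strncpy_old` and `strncpy_new` (the signatures, the canary harness and the sample strings are assumptions), and `bytes_past_limit` counts bytes written at or beyond `dst[n]`.

```c
#include <stdio.h>
#include <string.h>

#define CANARY 0x5A   /* constructed fill value, never produced by the copy */
#define GUARD  8      /* bytes inspected after the n-byte destination window */

/* Pre-patch loop: the nul is stored but count is not decremented for it. */
char *strncpy_old(char *dst, const char *src, size_t n)
{
    char *dscan = dst; const char *sscan = src; size_t count = n;
    while (count > 0 && (*dscan++ = *sscan++) != '\0')
        count--;
    while (count > 0) { *dscan++ = '\0'; count--; }
    return dst;
}

/* Patched loop: every stored byte, the nul included, is charged to count. */
char *strncpy_new(char *dst, const char *src, size_t n)
{
    char *dscan = dst; const char *sscan = src; size_t count = n;
    while (count > 0) {
        count--;
        if ((*dscan++ = *sscan++) == '\0')
            break;
    }
    while (count > 0) { *dscan++ = '\0'; count--; }
    return dst;
}

/* Number of bytes the copy routine wrote outside dst[0..n-1]; -1 if n is too big. */
int bytes_past_limit(char *(*copy)(char *, const char *, size_t),
                     const char *src, size_t n)
{
    char buf[64];   /* larger than n + GUARD, so the stray write stays in bounds */
    int hits = 0;
    size_t i;
    if (n + GUARD > sizeof buf)
        return -1;
    memset(buf, CANARY, sizeof buf);
    copy(buf, src, n);
    for (i = n; i < n + GUARD; i++)
        if (buf[i] != CANARY)
            hits++;
    return hits;
}

int main(void)
{
    printf("old, short source: %d\n", bytes_past_limit(strncpy_old, "root", 8));
    printf("new, short source: %d\n", bytes_past_limit(strncpy_new, "root", 8));
    return 0;
}
```

The old loop only misbehaves when the source is shorter than n; a source of n or more characters never reaches the nul, which is why the bug showed up only occasionally.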