util: trim() fix for UB on pointer arithmetic - sic - simple irc client
git clone git://git.suckless.org/sic
---
commit 058547e707e961e0cb7f8af4877f1b92f4c6d888
parent 68c1c4e5110ed6a30cd3da0ae0c2ab0753e02cbb
Author: Hiltjo Posthuma <[email protected]>
Date: Thu, 6 May 2021 12:18:21 +0200
util: trim() fix for UB on pointer arithmetic
Follow-up fix on commit df4c0611366bf361fa263fbc57009cbe68456855
"
While it is true reversing the condition solves a single-byte read at
one before s, there is a second instance of UB.
Having a pointer to one before an object is in and of itself UB in C, it's
on the side of language lawyering, but it's UB.
I add here a quote from a C standard draft:
> When an expression that has integer type is added to or subtracted
> from a pointer, the result has the type of the pointer operand.
> If both the pointer operand and the result point to elements of the
> same array object, or one past the last element of the array object,
> the evaluation shall not produce an overflow; otherwise, the
> behavior is undefined.
Taken from: http://www.iso-9899.info/n1570.html#6.5.6p8
"
Thanks Guilherme Janczak <[email protected]>
Diffstat:
M util.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
---
diff --git a/util.c b/util.c | |
@@ -60,8 +60,7 @@ static void | |
trim(char *s) { | |
char *e; | |
- e = s + strlen(s) - 1; | |
- while(e > s && isspace((unsigned char)*e)) | |
- e--; | |
- *(e + 1) = '\0'; | |
+ for (e = s + strlen(s); e > s && isspace((unsigned char)*(e - 1)); e--) | |
+ ; | |
+ *e = '\0'; | |
} |
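Review bot: the new `for` loop with its empty body (the lone `;` line) carries no comment stating the invariant the fix depends on, namely that `e` stays within `s` and `s + strlen(s)` and `*(e - 1)` is only read after `e > s` has been checked. A one-line comment to that effect above the loop would help, because the removed form `e = s + strlen(s) - 1` looks like an equivalent simplification but forms a pointer one before `s` when the string is empty, which is exactly the UB the commit message describes. A minor style point on the same line: the removed code wrote `while(` without a space and the added line writes `for (` with one, so it is worth matching whichever spacing the rest of util.c uses.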