oss-sec mailing list archives
Re: Re: Out-of-bounds read & write in the glibc's qsort()
From: Yuri Gribov <tetra2005 () gmail com>
Date: Tue, 24 Dec 2024 07:35:44 +0300
On Tue, Dec 24, 2024 at 12:36 AM Florian Weimer <fweimer () redhat com> wrote:
On Mon, Dec 23, 2024 at 8:47 PM Florian Weimer <fweimer () redhat com> wrote:It's a bit odd that you disable reflexivity checks by default, but quite a few of the issues reported are in this category.I think back then I wanted to make default settings free of false positives. Often sorted arrays may only contain unique elements and in such cases reflexivity checks are useless.Are they? In the longstanding glibc quicksort implementation (usually hidden behind a merge sort), reflexivity was required to rediscover an element that the implementation assumed to be there and dependent upon for loop termination.
Interesting. I remember being told in GCC mailing list (or was it IRC?) that qsort implementations typically will not compare element to itself. See also https://gcc.gnu.org/pipermail/gcc/2018-January/225098.html -Y
Current thread:
- Re: Out-of-bounds read & write in the glibc's qsort() Yuri Gribov (Dec 21)
- Re: Re: Out-of-bounds read & write in the glibc's qsort() Jan Engelhardt (Dec 21)
- Re: Re: Out-of-bounds read & write in the glibc's qsort() Florian Weimer (Dec 23)
- Re: Re: Out-of-bounds read & write in the glibc's qsort() Yuri Gribov (Dec 23)
- Re: Re: Out-of-bounds read & write in the glibc's qsort() Florian Weimer (Dec 23)
- Re: Re: Out-of-bounds read & write in the glibc's qsort() Yuri Gribov (Dec 24)
- Re: Re: Out-of-bounds read & write in the glibc's qsort() Yuri Gribov (Dec 23)