[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8015) memcpy() overlapping in many places
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#8015) memcpy() overlapping in many places
- From: leo@yuriev.ru
- Date: Sat, 03 Jan 2015 19:21:22 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
This is a multi-part message in MIME format.
--------------090408030902080204080503
Content-Type: text/plain; charset=windows-1251; format=flowed
Content-Transfer-Encoding: 7bit
Please review and merge.
Leonid.
--------------090408030902080204080503
Content-Type: text/x-patch;
name="its8015.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="its8015.patch"
commit 8d55a7c88c6655879ffc677e5a9873f29bb7a802
Author: Leo Yuriev <leo@yuriev.ru>
Date: 2015-01-01 16:00:58 +0300
ITS#8015 replace memcpy() by memmove() for overlapped src & dst.
http://lwn.net/Articles/414467/
Initially a few cases have been detected using Valgrind.
After that I manually reviewed all calls memcpy() and AC_MEMCPY()
it the 2.4 branch.
Unfortunately, we can not expect that all of these mistakes
corrected, but it is much more than nothing.
diff --git a/libraries/liblber/encode.c b/libraries/liblber/encode.c
index e39fa07..3eb15c6 100644
--- a/libraries/liblber/encode.c
+++ b/libraries/liblber/encode.c
@@ -398,7 +398,7 @@ ber_start_seqorset(
return -1;
}
dest = *p;
- AC_MEMCPY( dest, headptr, headlen );
+ memmove( dest, headptr, headlen );
ber->ber_sos_ptr = dest + headlen;
ber->ber_sos_inner = dest + taglen - ber->ber_buf;
@@ -467,7 +467,7 @@ ber_put_seqorset( BerElement *ber )
if ( unused != 0 ) {
/* length(length) < the reserved SOS_LENLEN bytes */
xlen -= unused;
- AC_MEMCPY( lenptr, p, xlen );
+ memmove( lenptr, p, xlen );
ber->ber_sos_ptr = (char *) lenptr + xlen;
}
}
diff --git a/libraries/libldap/sasl.c b/libraries/libldap/sasl.c
index 8878d1f..4ad605f 100644
--- a/libraries/libldap/sasl.c
+++ b/libraries/libldap/sasl.c
@@ -628,7 +628,7 @@ sb_sasl_generic_drop_packet (
len = p->sec_buf_in.buf_ptr - p->sec_buf_in.buf_end;
if ( len > 0 )
- AC_MEMCPY( p->sec_buf_in.buf_base, p->sec_buf_in.buf_base +
+ memmove( p->sec_buf_in.buf_base, p->sec_buf_in.buf_base +
p->sec_buf_in.buf_end, len );
if ( len >= 4 ) {
diff --git a/libraries/liblutil/utils.c b/libraries/liblutil/utils.c
index 310380b..a783167 100644
--- a/libraries/liblutil/utils.c
+++ b/libraries/liblutil/utils.c
@@ -841,7 +841,7 @@ lutil_str2bin( struct berval *in, struct berval *out, void *ctx )
num.buf[num.beg] = neg;
}
if ( num.beg )
- AC_MEMCPY( num.buf, num.buf+num.beg, num.len );
+ memmove( num.buf, num.buf+num.beg, num.len );
out->bv_len = num.len;
decfail:
if ( tmp != tmpbuf ) {
diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c
index f5c244c..f935efc 100644
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -2317,7 +2317,7 @@ acl_regex_normalized_dn(
for ( q = &p[2]; q[0] == ' '; q++ ) {
/* DO NOTHING */ ;
}
- AC_MEMCPY( p+1, q, len-(q-str)+1);
+ memmove( p+1, q, len-(q-str)+1);
}
}
pattern->bv_val = str;
diff --git a/servers/slapd/ad.c b/servers/slapd/ad.c
index 6f6cb2f..2357452 100644
--- a/servers/slapd/ad.c
+++ b/servers/slapd/ad.c
@@ -277,7 +277,7 @@ int slap_bv2ad(
} else if ( rc > 0 ||
( rc == 0 && (unsigned)optlen > tags[i].bv_len ))
{
- AC_MEMCPY( &tags[i+2], &tags[i+1],
+ memmove( &tags[i+2], &tags[i+1],
(ntags-i-1)*sizeof(struct berval) );
tags[i+1].bv_val = opt;
tags[i+1].bv_len = optlen;
@@ -286,7 +286,7 @@ int slap_bv2ad(
}
if( ntags ) {
- AC_MEMCPY( &tags[1], &tags[0],
+ memmove( &tags[1], &tags[0],
ntags*sizeof(struct berval) );
}
tags[0].bv_val = opt;
diff --git a/servers/slapd/back-bdb/attr.c b/servers/slapd/back-bdb/attr.c
index 2f183b3..e4ab16f 100644
--- a/servers/slapd/back-bdb/attr.c
+++ b/servers/slapd/back-bdb/attr.c
@@ -71,7 +71,7 @@ ainfo_insert( struct bdb_info *bdb, AttrInfo *a )
bdb->bi_attrs = ch_realloc( bdb->bi_attrs, ( bdb->bi_nattrs+1 ) *
sizeof( AttrInfo * ));
if ( x < bdb->bi_nattrs )
- AC_MEMCPY( &bdb->bi_attrs[x+1], &bdb->bi_attrs[x],
+ memmove( &bdb->bi_attrs[x+1], &bdb->bi_attrs[x],
( bdb->bi_nattrs - x ) * sizeof( AttrInfo *));
bdb->bi_attrs[x] = a;
bdb->bi_nattrs++;
diff --git a/servers/slapd/back-bdb/idl.c b/servers/slapd/back-bdb/idl.c
index c6bc9f3..f024245 100644
--- a/servers/slapd/back-bdb/idl.c
+++ b/servers/slapd/back-bdb/idl.c
@@ -204,7 +204,7 @@ int bdb_idl_insert( ID *ids, ID id )
} else {
/* insert id */
- AC_MEMCPY( &ids[x+1], &ids[x], (ids[0]-x) * sizeof(ID) );
+ memmove( &ids[x+1], &ids[x], (ids[0]-x) * sizeof(ID) );
ids[x] = id;
}
@@ -262,7 +262,7 @@ int bdb_idl_delete( ID *ids, ID id )
}
} else {
- AC_MEMCPY( &ids[x], &ids[x+1], (1+ids[0]-x) * sizeof(ID) );
+ memmove( &ids[x], &ids[x+1], (1+ids[0]-x) * sizeof(ID) );
}
#if IDL_DEBUG > 1
diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c
index 11a4ac4..4b5c394 100644
--- a/servers/slapd/back-ldap/config.c
+++ b/servers/slapd/back-ldap/config.c
@@ -1047,7 +1047,7 @@ ldap_back_cf_gen( ConfigArgs *c )
if ( i ) {
bv.bv_len -= i;
- AC_MEMCPY( bv.bv_val, &bv.bv_val[ i ],
+ memmove( bv.bv_val, &bv.bv_val[ i ],
bv.bv_len + 1 );
}
@@ -1239,7 +1239,7 @@ ldap_back_cf_gen( ConfigArgs *c )
if ( i ) {
bc.bv_len -= i;
- AC_MEMCPY( bc.bv_val, &bc.bv_val[ i ], bc.bv_len + 1 );
+ memmove( bc.bv_val, &bc.bv_val[ i ], bc.bv_len + 1 );
}
bv = bc;
@@ -1298,7 +1298,7 @@ ldap_back_cf_gen( ConfigArgs *c )
if ( i ) {
bv.bv_len -= i;
- AC_MEMCPY( bv.bv_val, &bv.bv_val[ i ],
+ memmove( bv.bv_val, &bv.bv_val[ i ],
bv.bv_len + 1 );
}
diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c
index eeab466..b100510 100644
--- a/servers/slapd/back-ldap/search.c
+++ b/servers/slapd/back-ldap/search.c
@@ -109,7 +109,7 @@ ldap_back_munge_filter(
ptr = filter->bv_val + ( ptr - oldfilter.bv_val );
- AC_MEMCPY( &ptr[ newbv->bv_len ],
+ memmove( &ptr[ newbv->bv_len ],
&ptr[ oldbv->bv_len ],
oldfilter.bv_len - ( ptr - filter->bv_val ) - oldbv->bv_len + 1 );
AC_MEMCPY( ptr, newbv->bv_val, newbv->bv_len );
diff --git a/servers/slapd/back-mdb/attr.c b/servers/slapd/back-mdb/attr.c
index 5da9da9..38e513e 100644
--- a/servers/slapd/back-mdb/attr.c
+++ b/servers/slapd/back-mdb/attr.c
@@ -71,7 +71,7 @@ ainfo_insert( struct mdb_info *mdb, AttrInfo *a )
mdb->mi_attrs = ch_realloc( mdb->mi_attrs, ( mdb->mi_nattrs+1 ) *
sizeof( AttrInfo * ));
if ( x < mdb->mi_nattrs )
- AC_MEMCPY( &mdb->mi_attrs[x+1], &mdb->mi_attrs[x],
+ memmove( &mdb->mi_attrs[x+1], &mdb->mi_attrs[x],
( mdb->mi_nattrs - x ) * sizeof( AttrInfo *));
mdb->mi_attrs[x] = a;
mdb->mi_nattrs++;
diff --git a/servers/slapd/back-mdb/idl.c b/servers/slapd/back-mdb/idl.c
index 3c2f986..c03f7c3 100644
--- a/servers/slapd/back-mdb/idl.c
+++ b/servers/slapd/back-mdb/idl.c
@@ -173,7 +173,7 @@ int mdb_idl_insert( ID *ids, ID id )
} else {
/* insert id */
- AC_MEMCPY( &ids[x+1], &ids[x], (ids[0]-x) * sizeof(ID) );
+ memmove( &ids[x+1], &ids[x], (ids[0]-x) * sizeof(ID) );
ids[x] = id;
}
@@ -231,7 +231,7 @@ static int mdb_idl_delete( ID *ids, ID id )
}
} else {
- AC_MEMCPY( &ids[x], &ids[x+1], (1+ids[0]-x) * sizeof(ID) );
+ memmove( &ids[x], &ids[x+1], (1+ids[0]-x) * sizeof(ID) );
}
#if IDL_DEBUG > 1
diff --git a/servers/slapd/back-meta/config.c b/servers/slapd/back-meta/config.c
index e3164b0..daa5e8b 100644
--- a/servers/slapd/back-meta/config.c
+++ b/servers/slapd/back-meta/config.c
@@ -1340,7 +1340,7 @@ meta_back_cf_gen( ConfigArgs *c )
if ( i ) {
bv.bv_len -= i;
- AC_MEMCPY( bv.bv_val, &bv.bv_val[ i ],
+ memmove( bv.bv_val, &bv.bv_val[ i ],
bv.bv_len + 1 );
}
@@ -1597,7 +1597,7 @@ meta_back_cf_gen( ConfigArgs *c )
if ( i ) {
bc.bv_len -= i;
- AC_MEMCPY( bc.bv_val, &bc.bv_val[ i ], bc.bv_len + 1 );
+ memmove( bc.bv_val, &bc.bv_val[ i ], bc.bv_len + 1 );
}
bv = bc;
@@ -2720,7 +2720,7 @@ idassert-authzFrom "dn:<rootdn>"
int len = strlen( argv[ 0 ] );
ber_str2bv( line, 0, 0, &bv );
- AC_MEMCPY( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
+ memmove( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
bv.bv_len - ( len + 1 ));
bv.bv_val[ bv.bv_len - 1] = '"';
ber_bvarray_add( &mt->mt_rwmap.rwm_bva_rewrite, &bv );
diff --git a/servers/slapd/back-sql/util.c b/servers/slapd/back-sql/util.c
index 3564527..7c77964 100644
--- a/servers/slapd/back-sql/util.c
+++ b/servers/slapd/back-sql/util.c
@@ -411,7 +411,7 @@ backsql_split_pattern(
} else if ( real_end[ 1 ] == SPLIT_CHAR ) {
expected++;
- AC_MEMCPY( real_end, real_end + 1, strlen( real_end ) );
+ memmove( real_end, real_end + 1, strlen( real_end ) );
end = strchr( real_end + 1, SPLIT_CHAR );
continue;
}
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 2214334..9655629 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -2353,7 +2353,7 @@ sortval_reject:
s = ber_bvchr( &bv, '"' );
assert( s != NULL );
/* move the trailing quote of argv[0] to the end */
- AC_MEMCPY( s, s + 1, bv.bv_len - ( s - bv.bv_val ) );
+ memmove( s, s + 1, bv.bv_len - ( s - bv.bv_val ) );
bv.bv_val[ bv.bv_len - 1 ] = '"';
} else {
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index cdc17d9..5c0dd55 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -2159,12 +2159,12 @@ strtok_quote( char *line, char *sep, char **quote_ptr )
} else {
inquote = 1;
}
- AC_MEMCPY( next, next + 1, strlen( next + 1 ) + 1 );
+ memmove( next, next + 1, strlen( next + 1 ) + 1 );
break;
case '\\':
if ( next[1] )
- AC_MEMCPY( next,
+ memmove( next,
next + 1, strlen( next + 1 ) + 1 );
next++; /* dont parse the escaped character */
break;
diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index 9b51f95..6b1f1d7 100644
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -1005,7 +1005,7 @@ slap_remove_control(
op->o_tmpfree( op->o_ctrls[ j ], op->o_tmpmemctx );
if ( i > 1 ) {
- AC_MEMCPY( &op->o_ctrls[ j ], &op->o_ctrls[ j + 1 ],
+ memmove( &op->o_ctrls[ j ], &op->o_ctrls[ j + 1 ],
( i - j ) * sizeof( LDAPControl * ) );
} else {
diff --git a/servers/slapd/overlays/constraint.c b/servers/slapd/overlays/constraint.c
index 096f32a..99844a5 100644
--- a/servers/slapd/overlays/constraint.c
+++ b/servers/slapd/overlays/constraint.c
@@ -401,7 +401,7 @@ constraint_cf_gen( ConfigArgs *c )
rc = ARG_BAD_CONF;
goto done;
}
- AC_MEMCPY( &ap.lud->lud_filter[0], &ap.lud->lud_filter[1], len - 2 );
+ memmove( &ap.lud->lud_filter[0], &ap.lud->lud_filter[1], len - 2 );
ap.lud->lud_filter[len - 2] = '\0';
}
diff --git a/servers/slapd/overlays/memberof.c b/servers/slapd/overlays/memberof.c
index 17cbae7..dcfb047 100644
--- a/servers/slapd/overlays/memberof.c
+++ b/servers/slapd/overlays/memberof.c
@@ -616,10 +616,10 @@ memberof_op_add( Operation *op, SlapReply *rs )
break;
}
- AC_MEMCPY( &a->a_vals[ i ], &a->a_vals[ i + 1 ],
+ memmove( &a->a_vals[ i ], &a->a_vals[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
if ( a->a_nvals != a->a_vals ) {
- AC_MEMCPY( &a->a_nvals[ i ], &a->a_nvals[ i + 1 ],
+ memmove( &a->a_nvals[ i ], &a->a_nvals[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
}
i--;
@@ -698,10 +698,10 @@ memberof_op_add( Operation *op, SlapReply *rs )
break;
}
- AC_MEMCPY( &a->a_vals[ i ], &a->a_vals[ i + 1 ],
+ memmove( &a->a_vals[ i ], &a->a_vals[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
if ( a->a_nvals != a->a_vals ) {
- AC_MEMCPY( &a->a_nvals[ i ], &a->a_nvals[ i + 1 ],
+ memmove( &a->a_nvals[ i ], &a->a_nvals[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
}
i--;
@@ -922,9 +922,9 @@ memberof_op_modify( Operation *op, SlapReply *rs )
break;
}
- AC_MEMCPY( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
+ memmove( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
- AC_MEMCPY( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
+ memmove( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
i--;
}
@@ -1022,10 +1022,10 @@ memberof_op_modify( Operation *op, SlapReply *rs )
break;
}
- AC_MEMCPY( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
+ memmove( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
if ( ml->sml_nvalues != ml->sml_values ) {
- AC_MEMCPY( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
+ memmove( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
}
i--;
@@ -1140,10 +1140,10 @@ memberof_op_modify( Operation *op, SlapReply *rs )
break;
}
- AC_MEMCPY( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
+ memmove( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
if ( ml->sml_nvalues != ml->sml_values ) {
- AC_MEMCPY( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
+ memmove( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
sizeof( struct berval ) * ( j - i ) );
}
i--;
diff --git a/servers/slapd/overlays/rwm.c b/servers/slapd/overlays/rwm.c
index 1fbfac3..22a536a 100644
--- a/servers/slapd/overlays/rwm.c
+++ b/servers/slapd/overlays/rwm.c
@@ -2014,7 +2014,7 @@ rwm_bva_add(
int len = strlen( argv[ 0 ] );
ber_str2bv( line, 0, 0, &bv );
- AC_MEMCPY( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
+ memmove( &bv.bv_val[ len ], &bv.bv_val[ len + 1 ],
bv.bv_len - ( len + 1 ) );
bv.bv_val[ bv.bv_len - 1 ] = '"';
diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index b47a528..7436614 100644
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -1342,7 +1342,7 @@ slap_sasl_peer2ipport( struct berval *peer )
*p = ';';
if ( isv6 ) {
assert( p[-1] == ']' );
- AC_MEMCPY( &p[-1], p, plen - ( p - ipport ) + 1 );
+ memmove( &p[-1], p, plen - ( p - ipport ) + 1 );
}
} else if ( isv6 ) {
diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index 5e0ebbe..5449603 100644
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -182,14 +182,14 @@ int slap_parse_user( struct berval *id, struct berval *user,
if ( !BER_BVISNULL( mech ) ) {
assert( mech->bv_val == id->bv_val + 2 );
- AC_MEMCPY( mech->bv_val - 2, mech->bv_val, mech->bv_len + 1 );
+ memmove( mech->bv_val - 2, mech->bv_val, mech->bv_len + 1 );
mech->bv_val -= 2;
}
if ( !BER_BVISNULL( realm ) ) {
assert( realm->bv_val >= id->bv_val + 2 );
- AC_MEMCPY( realm->bv_val - 2, realm->bv_val, realm->bv_len + 1 );
+ memmove( realm->bv_val - 2, realm->bv_val, realm->bv_len + 1 );
realm->bv_val -= 2;
}
--------------090408030902080204080503--