[haiku-commits] Re: r41321 - haiku/trunk/src/apps/powerstatus

  • From: Rene Gollent <anevilyak@xxxxxxxxx>
  • To: haiku-commits@xxxxxxxxxxxxx
  • Date: Fri, 6 May 2011 15:58:07 -0400

On Fri, May 6, 2011 at 3:52 PM, John Scipione <jscipione@xxxxxxxxx> wrote:
> strcmp, as does strncmp with length 1, returns 102, which will evaluate to true
> for a non null-terminated (but not blank) string. This is a potential security
> exploit. Okay okay, so, the chances of a non null-terminated string are low
> so maybe I am just being paranoid here but I am kind of surprised that this
> tomfoolery actually worked. I mean, strcmp() isn't supposed to return 102
> ever, only -1, 0, or 1!

Incorrect; all the standard requires is that the integer be > 0 in one
case and < 0 in the other, cf.
http://pubs.opengroup.org/onlinepubs/009695399/functions/strcmp.html

Regards,

Rene
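
The point made in the reply above, as an added example that is not part of the original thread or of the Haiku source: only the sign of strcmp()'s result is specified, so callers should test the sign and never a particular magnitude. `diff_strcmp` is a hypothetical byte-difference comparator standing in for one conforming implementation, and all helper names and sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical comparator (assumption, not Haiku's libc): one conforming
 * way to implement strcmp() is to return the difference of the first
 * mismatching bytes, compared as unsigned char. */
static int diff_strcmp(const char *a, const char *b)
{
    const unsigned char *p = (const unsigned char *)a;
    const unsigned char *q = (const unsigned char *)b;

    while (*p != '\0' && *p == *q) {
        p++;
        q++;
    }
    return (int)*p - (int)*q;
}

/* Fragile: assumes the result is exactly 1 when the first string sorts later. */
static int is_greater_fragile(int cmp) { return cmp == 1; }

/* Portable: relies only on the sign, which is all the standard specifies. */
static int is_greater(int cmp) { return cmp > 0; }

/* Collapse any conforming result to -1, 0 or 1 for callers that need that. */
static int cmp_sign(int cmp) { return (cmp > 0) - (cmp < 0); }

/* Blank-string test that does not depend on strcmp()'s return value at all. */
static int is_empty(const char *s) { return s[0] == '\0'; }

int main(void)
{
    const char *name = "f"; /* constructed sample; 'f' is byte value 102 */
    int cmp = diff_strcmp(name, "");

    printf("raw result:          %d\n", cmp);
    printf("fragile (== 1):      %d\n", is_greater_fragile(cmp));
    printf("portable (> 0):      %d\n", is_greater(cmp));
    printf("normalized sign:     %d\n", cmp_sign(cmp));
    printf("libc strcmp sign:    %d\n", cmp_sign(strcmp(name, "")));
    printf("is_empty(name):      %d\n", is_empty(name));
    return 0;
}
```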
