From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/2414
Path: news.gmane.org!not-for-mail
From: Rich Felker <dalias@aerifal.cx>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: [PATCH] Fix strverscmp
Date: Wed, 5 Dec 2012 14:35:21 -0500
Message-ID: <20121205193520.GN20323@brightrain.aerifal.cx>
References: <20121205110959.87b6111a.idunham@lavabit.com>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: ger.gmane.org 1354736132 31238 80.91.229.3 (5 Dec 2012 19:35:32 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Wed, 5 Dec 2012 19:35:32 +0000 (UTC)
To: musl@lists.openwall.com
Original-X-From: musl-return-2415-gllmg-musl=m.gmane.org@lists.openwall.com Wed Dec 05 20:35:45 2012
Return-path: <musl-return-2415-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@plane.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <musl-return-2415-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1TgKkz-0002T0-Fb
	for gllmg-musl@plane.gmane.org; Wed, 05 Dec 2012 20:35:45 +0100
Original-Received: (qmail 7306 invoked by uid 550); 5 Dec 2012 19:35:33 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
Original-Received: (qmail 7298 invoked from network); 5 Dec 2012 19:35:33 -0000
Content-Disposition: inline
In-Reply-To: <20121205110959.87b6111a.idunham@lavabit.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Xref: news.gmane.org gmane.linux.lib.musl.general:2414
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/2414>

On Wed, Dec 05, 2012 at 11:09:59AM -0800, Isaac Dunham wrote:
> On the Puppy Linux forums, technosaurus mentioned that musl's
> strverscmp implementation was broken; he has a small version of
> strverscmp that works properly, which he placed under a CC0-like
> license.
> 
> This patch changes strverscmp to use his version. Results are
> comparable to glibc.

I'm not opposed to adding this, but the code has some bugs, most
notably integer overflow. On filenames consisting of long digit
strings, it will invoke undefined behavior. If the results are
unpredictable, it might even cause qsort to invoke very bad undefined
behavior.

It would also, for example, cause these two names to compare equal:

- foobar-1.1.2
- foobar-1.01.3

just because the first component that differs textually compares equal
numerically.

It also shares the same issues (which we should arguably duplicate
anyway) with the original strverscmp, that names consisting of hex
values get sorted in a ridiculous and harmful way.

If we're to implement this function, some thought about getting it
correct is needed..

Rich