From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: un-UBify-strings
Date: Sat, 22 Sep 2018 23:15:02 -0400
Message-ID: <20180923031502.GH17995@brightrain.aerifal.cx>
References: <20180923003542.GC17995@brightrain.aerifal.cx> <20180923023234.GE17995@brightrain.aerifal.cx> <20180923024511.GF17995@brightrain.aerifal.cx> <6D4B315A-2D77-426B-99DC-29BC2B723396@trust-in-soft.com>
In-Reply-To: <6D4B315A-2D77-426B-99DC-29BC2B723396@trust-in-soft.com>
To: musl@lists.openwall.com

On Sun, Sep 23, 2018 at 03:10:14AM +0000, Pascal Cuoq wrote:
> > On 23 Sep 2018, at 04:45, Rich Felker wrote:
> > I'm also trying to fix the UB in
> > address range checks for implementing memmove as memcpy, etc. Is this
> > correct:
> >
> > if ((uintptr_t)s-(uintptr_t)d-n <= -2*n) return memcpy(d, s, n);
> >
> > ?
>
> It looks okay to me. You want to test whether
> (uintptr_t)s-(uintptr_t)d, computed as a mathematical integer, is
> between -n and n, and since uintptr_t is unsigned, you are using the
> well-known trick of aligning one of the bounds with 0 so that both
> inequalities can be tested in one instruction.

Right.

> It would seem more natural to me to work on the right-hand side of
> zero, that is, to compute (uintptr_t)s-(uintptr_t)d+n and to check
> whether that is <= 2*n (overlap) or > 2*n (no overlap). The
> generated code may even be one instruction shorter. Apart from that,
> as long as we have the hypothesis that n <= UINTPTR_MAX/2, I cannot
> immediately see any reason why it would not work.

dist(s,d)==n is a no-overlap case. Otherwise I think this is correct
and we can use:

if ((uintptr_t)s-(uintptr_t)d+n >= 2*n) return memcpy(d, s, n);

Yes?

Rich
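As an added example (not code from the thread or from musl), the C harness below exhaustively compares both single-comparison checks against a plain index-space overlap predicate over every (s, d, n) inside a small arena; the names ref_no_overlap, check_v1, check_v2 and scan are mine. It also isolates the one case the >= 2*n form does not take on the fast path: d == s+n, where s-d+n wraps to exactly 0 (safe, but it falls through to the overlapping-copy path), whereas the original -n <= -2*n form is exact for every n >= 1.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Reference predicate in plain index space: memcpy is safe iff the
   ranges [s,s+n) and [d,d+n) do not overlap. */
static int ref_no_overlap(size_t s, size_t d, size_t n)
{
	return s + n <= d || d + n <= s;
}

/* Form 1 from the thread: shift the overlap window (-n,n) to end at 0. */
static int check_v1(const char *s, const char *d, size_t n)
{
	return (uintptr_t)s-(uintptr_t)d-n <= -2*n;
}

/* Form 2: Pascal's "right of zero" window, with Rich's >= 2*n. */
static int check_v2(const char *s, const char *d, size_t n)
{
	return (uintptr_t)s-(uintptr_t)d+n >= 2*n;
}
struct verdict { unsigned unsound, missed; };

/* Compare a check against the reference for every (s, d, n), n >= 1, in a
   small arena. unsound: memcpy chosen although the ranges overlap (a bug).
   missed: no overlap but the fast path is skipped (safe, just slower). */
static struct verdict scan(int (*check)(const char *, const char *, size_t))
{
	static char arena[32];
	const size_t A = sizeof arena;
	struct verdict v = {0, 0};
	for (size_t s = 0; s <= A; s++)
	for (size_t d = 0; d <= A; d++)
	for (size_t n = 1; s + n <= A && d + n <= A; n++) {
		int safe = ref_no_overlap(s, d, n);
		int c = check(arena + s, arena + d, n);
		if (c && !safe) v.unsound++;
		if (safe && !c) v.missed++;
	}
	return v;
}

int main(void)
{
	struct verdict v1 = scan(check_v1), v2 = scan(check_v2);
	printf("v1: unsound=%u missed=%u\n", v1.unsound, v1.missed); /* 0 0 */
	printf("v2: unsound=%u missed=%u\n", v2.unsound, v2.missed); /* 0 256, all d == s+n */
}
```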