commonlib/bsd/string: Fix pointer overflow for strnlen()

When `maxlen` is large (such as SIZE_MAX), the `end` pointer will overflow, causing strnlen() to incorrectly return 0. To not make the implementation over-complicated, fix the problem by using a counter. BUG=b:359951393 TEST=make unit-tests -j BRANCH=none Change-Id: Ic9d983b11391f5e05c2bceb262682aced5206f94 Signed-off-by: Yu-Ping Wu <yupingso@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/83914 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Karthik Ramasubramanian <kramasub@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mario Scheithauer <mario.scheithauer@siemens.com>
author: Yu-Ping Wu <yupingso@chromium.org> 2024-08-15 10:17:38 +0800
committer: Julius Werner <jwerner@chromium.org> 2024-08-15 18:16:23 +0000
commit: 078a5a0e7ca006f6536d3a72e94f49f4d52f8953 (patch)
tree: a4e0abb654700dbda3149270ab60c16b4c6a13cc /src/commonlib
parent: 0b2f9c9582af96fa3de82e2e7ab7c4f99119e1a4 (diff)
1 files changed, 4 insertions, 6 deletions
diff --git a/src/commonlib/bsd/string.c b/src/commonlib/bsd/string.c
index 16cd4b5e1d..56670e8862 100644
--- a/src/commonlib/bsd/string.c
+++ b/src/commonlib/bsd/string.c
@@ -15,12 +15,10 @@ size_t strlen(const char *str)
 
 size_t strnlen(const char *str, size_t maxlen)
 {
-	const char *ptr = str;
-	const char *end = str + maxlen + 1;
-
-	while (*ptr++ && ptr < end)
-		;
-	return ptr - str - 1;
+	size_t len = 0;
+	while (*str++ && len < maxlen)
+		len++;
+	return len;
 }
 
 char *strcat(char *dst, const char *src)
author	Yu-Ping Wu <yupingso@chromium.org>	2024-08-15 10:17:38 +0800
committer	Julius Werner <jwerner@chromium.org>	2024-08-15 18:16:23 +0000
commit	078a5a0e7ca006f6536d3a72e94f49f4d52f8953 (patch)
tree	a4e0abb654700dbda3149270ab60c16b4c6a13cc /src/commonlib
parent	0b2f9c9582af96fa3de82e2e7ab7c4f99119e1a4 (diff)