Date: Wed, 5 Dec 2012 14:35:21 -0500 From: Rich Felker <dalias@...ifal.cx> To: musl@...ts.openwall.com Subject: Re: [PATCH] Fix strverscmp On Wed, Dec 05, 2012 at 11:09:59AM -0800, Isaac Dunham wrote: > On the Puppy Linux forums, technosaurus mentioned that musl's > strverscmp implementation was broken; he has a small version of > strverscmp that works properly, which he placed under a CC0-like > license. > > This patch changes strverscmp to use his version. Results are > comparable to glibc. I'm not opposed to adding this, but the code has some bugs, most notably integer overflow. On filenames consisting of long digit strings, it will invoke undefined behavior. If the results are unpredictable, it might even cause qsort to invoke very bad undefined behavior. It would also, for example, cause these two names to compare equal: - foobar-1.1.2 - foobar-1.01.3 just because the first component that differs textually compares equal numerically. It also shares the same issues (which we should arguably duplicate anyway) with the original strverscmp, that names consisting of hex values get sorted in a ridiculous and harmful way. If we're to implement this function, some thought about getting it correct is needed.. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.