Provide consistent behaviour for memchr(_,_,0)

A memchr() search of a zero-byte range returns an undefined value. On arm32 it always returns NULL, but on arm64 it does not. This causes random crashes while reading /proc/self/maps when loading the 64-bit libchrome. Fix by setting the value to which memchr() assigns to NULL if the search range is zero bytes. There are three calls to memchr(). Two of them could encounter this; the third is safe. BUG=394306 Review URL: https://codereview.chromium.org/405153002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284693 0039d316-1c4b-4281-b951-d872f2087c98

Provide consistent behaviour for memchr(_,_,0)
A memchr() search of a zero-byte range returns an undefined value. On arm32 it always returns NULL, but on arm64 it does not. This causes random crashes while reading /proc/self/maps when loading the 64-bit libchrome. Fix by setting the value to which memchr() assigns to NULL if the search range is zero bytes. There are three calls to memchr(). Two of them could encounter this; the third is safe. BUG=394306 Review URL: https://codereview.chromium.org/405153002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284693 0039d316-1c4b-4281-b951-d872f2087c98
cd168d33 · simonb@chromium.org · d31ddcf1 · cd168d33 · cd168d33 · cd168d33
Commit cd168d33 authored Jul 22, 2014 by simonb@chromium.org
3 changed files
--- a/third_party/android_crazy_linker/README.chromium
+++ b/third_party/android_crazy_linker/README.chromium
@@ -29,3 +29,5 @@ Local Modifications:
 - Fix -Werror=sign-compare error encountered in NDK build.

 - Improve permission denied message to mention upgrading from L-preview.
+
+- Fix for crbug/394306 (Chrome crashes during startup ... on Arm64 AAW15)
--- a/third_party/android_crazy_linker/src/src/crazy_linker_line_reader.cpp
+++ b/third_party/android_crazy_linker/src/src/crazy_linker_line_reader.cpp
@@ -51,10 +51,15 @@ bool LineReader::GetNextLine() {
         buff_size_,
         buff_capacity_);

-    // Find the end of the current line in the current buffer.
+    // Find the end of the current line in the current buffer. The result
+    // of memchr(_,_,0) is undefined, treated as not-found.
    const char* line = buff_ + line_start_;
-    const char* line_end = reinterpret_cast<const char*>(
-        ::memchr(line, '\n', buff_size_ - line_start_));
+    const size_t range = buff_size_ - line_start_;
+    const char* line_end;
+    if (range > 0)
+      line_end = reinterpret_cast<const char*>(::memchr(line, '\n', range));
+    else
+      line_end = NULL;
    if (line_end != NULL) {
      // Found one, return it directly.
      line_len_ = static_cast<size_t>(line_end + 1 - line);

--- a/third_party/android_crazy_linker/src/src/crazy_linker_proc_maps.cpp
+++ b/third_party/android_crazy_linker/src/src/crazy_linker_proc_maps.cpp
@@ -56,10 +56,15 @@ bool ParseProcMapsLine(const char* line,
      p++;

    // find start and end of current token, and compute start of
-    // next search.
+    // next search. The result of memchr(_,_,0) is undefined, treated as
+    // not-found.
    const char* tok_start = p;
-    const char* tok_end =
-        static_cast<const char*>(memchr(p, separator, line_end - p));
+    const size_t range = line_end - p;
+    const char* tok_end;
+    if (range > 0)
+      tok_end = static_cast<const char*>(memchr(p, separator, range));
+    else
+      tok_end = NULL;
    if (!tok_end) {
      tok_end = line_end;
      p = line_end;