update-copyright: generalize comment handling

[gnulib.git] / tests / test-strstr.c

diff --git a/tests/test-strstr.c b/tests/test-strstr.c
index d8bec15..37f4bac 100644 (file)
--- a/tests/test-strstr.c
+++ b/tests/test-strstr.c
@@ -24,6 +24,8 @@
 #include <stdlib.h>
 #include <unistd.h>
 
+#include "zerosize-ptr.h"
+
 #define ASSERT(expr) \
   do                                                                        \
     {                                                                       \
@@ -61,11 +63,23 @@ main (int argc, char *argv[])
   }
 
   {
-    /* See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521737 */
-    char *input = strdup ("aBaaaaaaaaaaax");
-    const char *result = strstr (input, "B1x");
+    /* On some platforms, the memchr() functions reads past the first
+       occurrence of the byte to be searched, leading to an out-of-bounds
+       read access for strstr().
+       See <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521737>.
+       This is a bug in memchr(), see the Austin Group's clarification
+       <http://www.opengroup.org/austin/docs/austin_454.txt>.  */
+    const char *fix = "aBaaaaaaaaaaax";
+    char *page_boundary = (char *) zerosize_ptr ();
+    size_t len = strlen (fix) + 1;
+    char *input = page_boundary ? page_boundary - len : malloc (len);
+    const char *result;
+
+    strcpy (input, fix);
+    result = strstr (input, "B1x");
     ASSERT (result == NULL);
-    free (input);
+    if (!page_boundary)
+      free (input);
   }
 
   {