Subject: Re: Performance of various memcpy()'s
To: None <,>
From: TAMURA Kent <>
List: tech-userlevel
Date: 10/29/2002 12:47:49
In message "Re: Performance of various memcpy()'s"
    on 02/10/29, Bang Jun-Young <> writes:
> That check is only compiled in if _DIAGNOSTIC is defined at compile
> time. Obviously it has nothing to do with protecting system from
> attackers.

Right.  It has no effect without _DIAGNOSTIC.

> Unless %ecx is a negative, %edi and %esi are always larger than 12(%esp)
> and 16(%esp), respectively. Calling assert is even more strange;

Please imagine that src (or dst) is 0x12345678 and length (%ecx)
is 0xffffffff.  Copying over the end of the address space is
always meaningless in NetBSD, and may crash the program or may
help exploits.

> "src + length > src" string is passed to assert on dst check, and
> "dst + length > dst" on src check.

Oops, it is a typo.

TAMURA Kent <> <>