On 3/11/26 07:47, sun jian wrote: > On Tue, Mar 10, 2026 at 8:28 PM Viktor Malik <[email protected]> wrote: >> >> Does this fix any real issue with the test? I can see one very >> hypothetical false negative when the uninitialized memory would contain >> "iter" but that seems very unlikely to happen. >> > > Hi Viktor, > > Thanks for the feedback. > > Even if the probability of a false positive is low, the current code > is still incorrect:
It's actually a false negative, i.e. test reporting as passing because it finds "iter" in the random bytes while it's actually missing. In an absolute majority of cases, the random bytes wouldn't matter because "iter" would be found early in the initialized part of the buffer. So, since this fix only makes difference for cases when the test is failing, I don't think it's worth patching it. But I'll let maintainers decide, I'm not sure what the common practice is for these cases. Viktor > on short reads it NUL-terminates only at the end of the buffer, so strstr() > can > scan uninitialized stack bytes. That makes the helper potentially > non-deterministic. > > Terminating at len makes it deterministic and ensures we only inspect > data actually > returned by read(). > > Regards, > Sun Jian >
