From e540031ad866a3e6758733b3e462e9c6ead25712 Mon Sep 17 00:00:00 2001
From: pjd <pjd@FreeBSD.org>
Date: Mon, 8 Aug 2005 19:38:00 +0000
Subject: Ha! This is a very interesting bug. I copied strcasecmp() from
 userland to the kernel and it didn't worked! I started to debug the problem
 and I find out that this line:

	while (tolower(*us1) == tolower(*us2++)) {

was adding _3_ bytes to 'us2' pointer. Am I loosing my minds here?!...
No, in-kernel tolower() is a macro which uses its argument three times.
Bad tolower(9), no cookie.
---
 sys/libkern/strcasecmp.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/sys/libkern/strcasecmp.c b/sys/libkern/strcasecmp.c
index 8e65827..a058654 100644
--- a/sys/libkern/strcasecmp.c
+++ b/sys/libkern/strcasecmp.c
@@ -43,11 +43,12 @@ strcasecmp(const char *s1, const char *s2)
 {
 	const u_char *us1 = (const u_char *)s1, *us2 = (const u_char *)s2;
 
-	while (tolower(*us1) == tolower(*us2++)) {
+	while (tolower(*us1) == tolower(*us2)) {
 		if (*us1++ == '\0')
 			return (0);
+		us2++;
 	}
-	return (tolower(*us1) - tolower(*--us2));
+	return (tolower(*us1) - tolower(*us2));
 }
 
 int
@@ -59,10 +60,11 @@ strncasecmp(const char *s1, const char *s2, size_t n)
 		const u_char *us2 = (const u_char *)s2;
 
 		do {
-			if (tolower(*us1) != tolower(*us2++))
-				return (tolower(*us1) - tolower(*--us2));
+			if (tolower(*us1) != tolower(*us2))
+				return (tolower(*us1) - tolower(*us2));
 			if (*us1++ == '\0')
 				break;
+			us2++;
 		} while (--n != 0);
 	}
 	return (0);
-- 
cgit v1.1