* [PATCH] json: Avoid calling strlen(NULL)
@ 2010-04-06 7:25 David Edmondson
2010-04-06 8:17 ` Anthony Towns
0 siblings, 1 reply; 4+ messages in thread
From: David Edmondson @ 2010-04-06 7:25 UTC (permalink / raw)
To: notmuch
commit b65817262b3a275ecd0ef1898d92ec5508a9f810
Author: David Edmondson <dme@dme.org>
Date: Tue Apr 6 08:24:00 2010 +0100
json: Avoid calling strlen(NULL)
MIME parts may have no filename, which previously resulted in calling
strlen(NULL).
Modified json.c
diff --git a/json.c b/json.c
index f90b0fa..b73f22a 100644
--- a/json.c
+++ b/json.c
@@ -105,5 +105,8 @@ json_quote_chararray(const void *ctx, const char *str, const size_t len)
char *
json_quote_str(const void *ctx, const char *str)
{
+ if (str == NULL)
+ return (char *)"\"\"";
+
return (json_quote_chararray (ctx, str, strlen (str)));
}
dme.
--
David Edmondson, http://dme.org
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] json: Avoid calling strlen(NULL)
2010-04-06 7:25 [PATCH] json: Avoid calling strlen(NULL) David Edmondson
@ 2010-04-06 8:17 ` Anthony Towns
2010-04-06 8:31 ` David Edmondson
2010-04-20 15:59 ` Carl Worth
0 siblings, 2 replies; 4+ messages in thread
From: Anthony Towns @ 2010-04-06 8:17 UTC (permalink / raw)
To: David Edmondson; +Cc: notmuch
On Tue, Apr 6, 2010 at 17:25, David Edmondson <dme@dme.org> wrote:
> json: Avoid calling strlen(NULL)
> MIME parts may have no filename, which previously resulted in calling
> strlen(NULL).
> char *
> json_quote_str(const void *ctx, const char *str)
> {
> + if (str == NULL)
> + return (char *)"\"\"";
> +
> return (json_quote_chararray (ctx, str, strlen (str)));
> }
There's already a check in json_quote_chararray for len==0, so it
might be sensible to say:
return (json_quote_chararray (ctx, str, str != NULL ? strlen (str) : 0));
OTOH, the code in json_quote_array to deal with that does the same
thing (returns a literal string containing two quote marks), which
seems wrong -- the normal code path is to talloc to get a newly
allocated, editable string, that might be talloc_free'd later,
wouldn't it make more sense just to let the str==NULL / len==0
behaviour fall through into the normal case code?
FWIW:
commit 5b93a488221b50c02db18d86a550cb3c038c00da
Author: Anthony <aj@erisian.com.au>
Date: Tue Apr 6 18:10:39 2010 +1000
json: Avoid calling strlen(NULL), and always return a newly talloced array.
MIME parts may have a no filename, which causes json_quote_str()
to be invoked
with NULL instead of a string.
diff --git a/json.c b/json.c
index f90b0fa..5e379ef 100644
--- a/json.c
+++ b/json.c
@@ -57,9 +57,6 @@ json_quote_chararray(const void *ctx, const char
*str, const size_t len)
size_t loop;
size_t required;
- if (len == 0)
- return (char *)"\"\"";
-
for (loop = 0, required = 0, ptr = str;
loop < len;
loop++, required++, ptr++) {
@@ -105,5 +102,8 @@ json_quote_chararray(const void *ctx, const char
*str, const size_t len)
char *
json_quote_str(const void *ctx, const char *str)
{
+ if (str == NULL)
+ str = "";
+
return (json_quote_chararray (ctx, str, strlen (str)));
}
--
Anthony Towns <aj@erisian.com.au>
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] json: Avoid calling strlen(NULL)
2010-04-06 8:17 ` Anthony Towns
@ 2010-04-06 8:31 ` David Edmondson
2010-04-20 15:59 ` Carl Worth
1 sibling, 0 replies; 4+ messages in thread
From: David Edmondson @ 2010-04-06 8:31 UTC (permalink / raw)
To: Anthony Towns; +Cc: notmuch
On Tue, 6 Apr 2010 18:17:44 +1000, Anthony Towns <aj@erisian.com.au> wrote:
> OTOH, the code in json_quote_array to deal with that does the same
> thing (returns a literal string containing two quote marks), which
> seems wrong -- the normal code path is to talloc to get a newly
> allocated, editable string, that might be talloc_free'd later,
> wouldn't it make more sense just to let the str==NULL / len==0
> behaviour fall through into the normal case code?
This is a much nicer solution.
dme.
--
David Edmondson, http://dme.org
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] json: Avoid calling strlen(NULL)
2010-04-06 8:17 ` Anthony Towns
2010-04-06 8:31 ` David Edmondson
@ 2010-04-20 15:59 ` Carl Worth
1 sibling, 0 replies; 4+ messages in thread
From: Carl Worth @ 2010-04-20 15:59 UTC (permalink / raw)
To: Anthony Towns, David Edmondson; +Cc: notmuch
[-- Attachment #1: Type: text/plain, Size: 928 bytes --]
> There's already a check in json_quote_chararray for len==0, so it
> might be sensible to say:
>
> return (json_quote_chararray (ctx, str, str != NULL ? strlen (str) : 0));
>
> OTOH, the code in json_quote_array to deal with that does the same
> thing (returns a literal string containing two quote marks), which
> seems wrong -- the normal code path is to talloc to get a newly
> allocated, editable string, that might be talloc_free'd later,
> wouldn't it make more sense just to let the str==NULL / len==0
> behaviour fall through into the normal case code?
Yes, that's the correct analysis. Thanks so much.
> commit 5b93a488221b50c02db18d86a550cb3c038c00da
> Author: Anthony <aj@erisian.com.au>
> Date: Tue Apr 6 18:10:39 2010 +1000
>
> json: Avoid calling strlen(NULL), and always return a newly
> talloced array.
I've pushed this out now, (separated into two pieces).
-Carl
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-04-20 15:59 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-04-06 7:25 [PATCH] json: Avoid calling strlen(NULL) David Edmondson
2010-04-06 8:17 ` Anthony Towns
2010-04-06 8:31 ` David Edmondson
2010-04-20 15:59 ` Carl Worth
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).