[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 2/2] Adapt to new VIR_STRNDUP behavior



On 05/24/2013 06:57 AM, Michal Privoznik wrote:
> On 24.05.2013 11:53, Michal Privoznik wrote:
>> With previous patch, we accept negative value as length of string to
>> duplicate. So there is no need to pass strlen(src) in case we want to do
>> duplicate the whole string.
>> ---

>> -        if (VIR_STRNDUP(arg, curr, next ? next - curr : strlen(curr)) < 0)
>> +        if (VIR_STRNDUP(arg, curr, next ? next - curr : -1) < 0)
> 
> Or we can even go with 'VIR_STRNDUP(arg, curr, next - curr) < 0' but
> that's not so easy to read. The rationale behind is: I intentionally
> made VIR_STRNDUP to accept *any* negative value, not just -1. Because if
> strrchr(cur, '\n') just a few lines above fails, next is just NULL.
> Deducting from NULL will get a negative value. Which will make
> VIR_STRNDUP duplicate the while string. But I worry that it would be an
> ugly code, wouldn't it?

It would be undefined behavior according to the C standard.  Pointer
subtraction is only well-defined within the bounds of a single object;
your object (in C terminology) starts at 'curr' and ends at the NUL byte
that terminates 'curr'.  NULL falls outside that bounds.  'next - curr'
is not guaranteed to be negative, since C says the behavior is
undefined.  Stick with the long form.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]