Minimize unsafe C functions usage - replace strcat() and strcpy() - continued #2516
Marked as WIP. Investigating failing MTR tests.
Removed changes that were the cause of failing tests. Could this be reviewed?
Some minor changes needed. I flagged a couple of the changes that go > 80 characters, but there are several more too.
sql/my_json_writer.cc
Outdated
@@ -201,13 +201,13 @@ void Json_writer::add_size(longlong val) | |||
{ | |||
/* Values less than 16MB are specified in KB for precision */ | |||
len= my_snprintf(buf, sizeof(buf), "%lld", val/1024); | |||
strcpy(buf + len, "Kb"); | |||
safe_strcpy(buf + len, sizeof(buf) - len, "Kb"); |
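Review bot: the size argument `sizeof(buf) - len` in the safe_strcpy() call is only valid while len is smaller than sizeof(buf), and the call's result is discarded, so a suffix that did not fit would go unnoticed. Either check len before the subtraction or put the suffix into the my_snprintf() format string so that one bounded call writes both parts.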
This one and the one below should probably all be wrapped up into the my_snprintf()
Done. Let me know if this looks alright to you.
Looks good to me, I'll pass on to a second review.
strcpy(buf + len, "Kb"); | ||
len+= 2; | ||
} | ||
len= my_snprintf(buf, sizeof(buf), "%lldKb", val/1024); |
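Review bot: with the suffix folded into the format string, len now comes only from the my_snprintf() return value, so nothing after this line should still assume a separate two-byte append (the removed `len+= 2`). Only this branch is visible here; worth confirming the other size branch was converted the same way so both compute len identically.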
Something for another time (not this pull request). Lower case 'b' is the wrong terminology here.
Noted. Thanks for the correction.
Minor style comment. Looks good to me. OK to push after the change.
sql/hostname.cc
Outdated
@@ -513,42 +513,48 @@ int ip_to_hostname(struct sockaddr_storage *ip_storage, | |||
|
|||
DBUG_EXECUTE_IF("getnameinfo_error_noname", | |||
{ | |||
strcpy(hostname_buffer, "<garbage>"); | |||
safe_strcpy(hostname_buffer, sizeof(hostname_buffer), | |||
"<garbage>"); |
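Review bot: `sizeof(hostname_buffer)` in the safe_strcpy() call gives the buffer size only if hostname_buffer is an array declared in this scope; the hunk does not show its declaration, and if it were a pointer the bound would be the pointer size. Please confirm the declaration, or pass the same length constant that is used where the buffer is defined.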
Indentation is wrong here. The string should be aligned with the opening (
on the previous row. Same as the other DBUG_EXECUTE_IFs.
Thanks @cvicentiu, just to avoid pushing commits back and forth I'll just ask here.
Is this the indentation you had in mind?
  DBUG_EXECUTE_IF("getnameinfo_error_noname",
                  {
                    safe_strcpy(hostname_buffer, sizeof(hostname_buffer),
                                "<garbage>");
                    err_code= EAI_NONAME;
                  }
                  );
Is this ok to push to 10.4 or would you like me to rebase to 10.5?
I'd suggest 10.5, just to be on the safe side. We're doing the very last 10.4 within a couple of weeks.
@vuvova Rebased to 10.5
approving, based on #2516 (review)
Similar to MariaDB#2480. 567b681 introduced safe_strcpy() to minimize the use of C with potentially unsafe memory overflow with strcpy() whose use is discouraged. Replace instances of strcpy() with safe_strcpy() where possible, limited here to files in the `sql/` directory. All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc.
Description
567b681 introduced safe_strcpy() to minimize the use of C with
potentially unsafe memory overflow with strcpy() whose use is
discouraged.
Replace instances of strcpy() with safe_strcpy() where possible, limited
here to files in the sql/ directory.
How can this PR be tested?
All passing MTR tests still pass. Tested manually and in CI.
Basing the PR against the correct MariaDB version
PR quality check
Copyright
All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer
Amazon Web Services, Inc.
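The replacement pattern discussed in this pull request, as an added example that is not code from the PR or from MariaDB: it compares appending a suffix with a bounded copy against folding the suffix into one bounded format call, and reports truncation in both. `bounded_strcpy`, `format_kb_two_step` and `format_kb_one_step` are hypothetical names, and standard `snprintf` stands in for `my_snprintf`.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a bounded copy helper (not MariaDB's safe_strcpy):
   always NUL-terminates when dst_size > 0, returns 0 on success and 1 if
   src had to be truncated. */
static int bounded_strcpy(char *dst, size_t dst_size, const char *src)
{
  size_t n= strlen(src);
  int truncated= n >= dst_size;
  if (dst_size == 0)
    return 1;
  if (truncated)
    n= dst_size - 1;
  memcpy(dst, src, n);
  dst[n]= '\0';
  return truncated;
}

/* Two-step form: format the number, then append the suffix into what is left.
   Returns the string length, or -1 if either step did not fit. */
static int format_kb_two_step(char *buf, size_t buf_size, long long val)
{
  int len= snprintf(buf, buf_size, "%lld", val / 1024);
  if (len < 0 || (size_t) len >= buf_size)
    return -1;                       /* the number itself was truncated */
  if (bounded_strcpy(buf + len, buf_size - (size_t) len, "Kb"))
    return -1;                       /* the suffix did not fit */
  return len + 2;
}

/* One-step form: a single bounded call writes number and suffix together. */
static int format_kb_one_step(char *buf, size_t buf_size, long long val)
{
  int len= snprintf(buf, buf_size, "%lldKb", val / 1024);
  if (len < 0 || (size_t) len >= buf_size)
    return -1;
  return len;
}

int main(void)
{
  char ok[16], tight[3];
  printf("%d %d\n", format_kb_two_step(ok, sizeof(ok), 2048),
         format_kb_one_step(tight, sizeof(tight), 2048));
  return 0;
}
```
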