fix: avoid pointer underflow for empty input

[jarvis9443]

Fixes a small undefined-behavior edge case in the padding check for empty input.

need_allocation() computed buf + len - 1 unconditionally. When len == 0, that forms a pointer before the start of the input buffer before simdjson can return the normal EMPTY parse error. The runtime behavior is benign in normal builds, but the pointer arithmetic itself is undefined C++ behavior.

This change forces allocation for zero-length input before doing the end-of-buffer page check. The observable decode behavior stays the same: empty input returns simdjson: error: EMPTY: no JSON found.

Validation:

PATH=/usr/local/openresty/nginx/sbin:$PATH prove -v t/02-decode.t
PATH=/usr/local/openresty/nginx/sbin:$PATH make test

Summary by CodeRabbit

• Bug Fixes

  • Fixed handling of empty input to properly return an error instead of relying on subsequent calculations.

• Tests

  • Added test coverage to verify that empty strings return appropriate error messages.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 97f00b09-6212-4665-a3e2-4d85e9021e62

📥 Commits

Reviewing files that changed from the base of the PR and between 4c52029 and 29a25a5.

📒 Files selected for processing (2)

• src/simdjson_ffi.cpp
• t/02-decode.t

---

📝 Walkthrough

Walkthrough

The PR adds an explicit empty-input guard to the C++ allocator function and introduces a test case validating that decoding an empty JSON string produces an error with an "EMPTY" marker in the message.

Changes

Empty Input Validation

Layer / File(s)	Summary
Empty input guard and test src/simdjson_ffi.cpp, t/02-decode.t	need_allocation explicitly checks for empty input (len == 0) and returns true immediately, avoiding unsafe pointer arithmetic. A test case verifies that decoding an empty string returns nil with an error message containing "EMPTY".

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Suggested reviewers

• membphis
• nic-6443

🚥 Pre-merge checks | ✅ 6

✅ Passed checks (6 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: avoid pointer underflow for empty input' accurately reflects the main change: handling empty input safely to avoid undefined pointer arithmetic behavior.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
E2e Test Quality Review	✅ Passed	E2E test via real Nginx/Lua/FFI stack; tests boundary case (empty string); clear assertions; proper error handling; directly solves pointer underflow issue with no unrelated changes.
Security Check	✅ Passed	No security vulnerabilities found across all 7 categories; PR fixes undefined behavior in empty input handling with appropriate test coverage and no sensitive data exposure or authorization issues.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/fix-empty-input-padding

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0