Skip to content

Small fixes for Timestamp and UTCDateTime #857

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jmikola merged 2 commits into from
Jun 22, 2018
Merged

Small fixes for Timestamp and UTCDateTime #857

jmikola merged 2 commits into from
Jun 22, 2018

Conversation

@jmikola
Copy link
Member

@jmikola jmikola commented Jun 21, 2018

No description provided.

jmikola added 2 commits June 21, 2018 15:36
@jmikola
Update bson_ascii_strtoll() usage in Timestamp and UTCDateTime
e584ee8 
bson_ascii_strtoll() resets errno, so that is no longer necessary. This also removes some outdated comments.
@jmikola
Use static string buffer for UTCDateTime::__toString()
ae98012
@jmikola jmikola requested a review from derickr June 21, 2018 19:39
derickr
derickr reviewed Jun 22, 2018
View reviewed changes
src/BSON/UTCDateTime.c
efree(tmp);
s_milliseconds_len = snprintf(s_milliseconds, sizeof(s_milliseconds), "%" PRId64, intern->milliseconds);

PHONGO_RETVAL_STRINGL(s_milliseconds, s_milliseconds_len);
Copy link
Contributor

@derickr derickr Jun 22, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the reason for making this change? The use of snprintf is potentially unsafe due to strange \0 termination rules, and spprintf is preferred.

Copy link
Member Author

@jmikola jmikola Jun 22, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

jsonSerialize(), which is effectively the same thing, was already using snprintf() with a static buffer (24 is sufficient to hold INT64_MIN and the null byte).

I don't follow why this would be potentially unsafe. My understanding is that snprintf() always adds a null byte (at the expense of the string it's printing if it were to approach the buffer size). See: https://stackoverflow.com/q/7706936/162228. This makes it safer than sprintf() (risk of no termination) and comparable to spprintf(), which would also always terminate the allocated string.

@jmikola jmikola mentioned this pull request Jun 22, 2018
Merged
derickr
derickr approved these changes Jun 22, 2018
View reviewed changes
Copy link
Contributor

@derickr derickr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@jmikola jmikola merged commit ae98012 into mongodb:master Jun 22, 2018
jmikola added a commit that referenced this pull request Jun 22, 2018
@jmikola
Merge pull request #857
72cf685
@jmikola jmikola deleted the bson-fixups branch June 22, 2018 16:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@derickr derickr derickr approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jmikola @derickr