[Tarantool-patches] [PATCH v3 15/16] module api: add box_key_def_validate_key()
Alexander Turenko
alexander.turenko at tarantool.org
Thu Oct 15 16:18:37 MSK 2020
On Thu, Oct 15, 2020 at 01:41:50AM +0200, Vladislav Shpilevoy wrote:
> Thanks for the patch!
>
> See 2 comments below.
>
> On 13.10.2020 01:23, Alexander Turenko wrote:
> > The function allows to verify a key against a key definition. It accepts
> > a partial key.
> >
> > Part of #5273
> > ---
> > src/box/key_def.c | 13 +++++
> > src/box/key_def.h | 21 ++++++++
> > src/exports.h | 1 +
> > test/app-tap/module_api.c | 88 ++++++++++++++++++++++++++++++++
> > test/app-tap/module_api.test.lua | 2 +-
> > 5 files changed, 124 insertions(+), 1 deletion(-)
> >
> > diff --git a/src/box/key_def.c b/src/box/key_def.c
> > index da1c23135..55ac79362 100644
> > --- a/src/box/key_def.c
> > +++ b/src/box/key_def.c
> > @@ -627,6 +627,19 @@ box_key_def_extract_key(box_key_def_t *key_def, box_tuple_t *tuple,
> > return tuple_extract_key(tuple, key_def, multikey_idx, key_size_ptr);
> > }
> >
> > +int
> > +box_key_def_validate_key(const box_key_def_t *key_def, const char *key)
> > +{
> > + uint32_t part_count = mp_decode_array(&key);
> > + if (part_count > key_def->part_count) {
> > + diag_set(ClientError, ER_KEY_PART_COUNT, key_def->part_count,
> > + part_count);
> > + return -1;
> > + }
> > + const char *key_end;
>
> 1. Don't you want to make it an out parameter? We won't be able to add it
> later, in case it will be ever needed.
It seems to be quite specific case: when we validate an array of keys.
However, okay, why not?
I'll do it consistent with _extract_key(): <uint32_t *key_size_ptr>.
I'll also eliminate all those problems with const, when a caller-side
<char *key_end> is infected by const and must be <const char *key_end>.
It'll be a bit intruisive on 1.10: several usages of
key_validate_parts() must be updated like it was done on 2.* somewhere
around key_list introduction.
Added on the branches (for box_key_def_validate_full_key() as well).
The change looks so on master:
diff --git a/src/box/key_def.c b/src/box/key_def.c
index 55ac79362..ca8a00dc5 100644
--- a/src/box/key_def.c
+++ b/src/box/key_def.c
@@ -628,16 +628,20 @@ box_key_def_extract_key(box_key_def_t *key_def, box_tuple_t *tuple,
}
int
-box_key_def_validate_key(const box_key_def_t *key_def, const char *key)
+box_key_def_validate_key(const box_key_def_t *key_def, const char *key,
+ uint32_t *key_size_ptr)
{
- uint32_t part_count = mp_decode_array(&key);
+ const char *pos = key;
+ uint32_t part_count = mp_decode_array(&pos);
if (part_count > key_def->part_count) {
diag_set(ClientError, ER_KEY_PART_COUNT, key_def->part_count,
part_count);
return -1;
}
- const char *key_end;
- return key_validate_parts(key_def, key, part_count, true, &key_end);
+ int rc = key_validate_parts(key_def, pos, part_count, true, &pos);
+ if (rc == 0 && key_size_ptr != NULL)
+ *key_size_ptr = pos - key;
+ return rc;
}
/* }}} Module API functions */
diff --git a/src/box/key_def.h b/src/box/key_def.h
index 8d942ee8f..9a0339757 100644
--- a/src/box/key_def.h
+++ b/src/box/key_def.h
@@ -557,14 +557,19 @@ box_key_def_extract_key(box_key_def_t *key_def, box_tuple_t *tuple,
*
* Note: nil is accepted for nullable fields, but only for them.
*
- * @param key_def Key definition.
- * @param key MessagePack'ed data for matching.
+ * @param key_def Key definition.
+ * @param key MessagePack'ed data for matching.
+ * @param key_size_ptr Here will be size of the validated key.
*
* @retval 0 The key is valid.
* @retval -1 The key is invalid.
+ *
+ * In case of an error set a diag and return -1.
+ * @sa <box_error_last>().
*/
API_EXPORT int
-box_key_def_validate_key(const box_key_def_t *key_def, const char *key);
+box_key_def_validate_key(const box_key_def_t *key_def, const char *key,
+ uint32_t *key_size_ptr);
/** \endcond public */
diff --git a/test/app-tap/module_api.c b/test/app-tap/module_api.c
index 778e7c3c0..f13b4be38 100644
--- a/test/app-tap/module_api.c
+++ b/test/app-tap/module_api.c
@@ -1746,14 +1746,17 @@ test_key_def_validate_key(struct lua_State *L)
* | 5 | [1, 2, 3] | invalid |
* | 6 | [1, -1] | invalid |
*/
- const char *keys[] = {
- /* [0] = */ "\x92\x01\x01",
- /* [1] = */ "\x92\x01\xc0",
- /* [2] = */ "\x91\x01",
- /* [3] = */ "\x90",
- /* [4] = */ "\x91\xc0",
- /* [5] = */ "\x93\x01\x02\x03",
- /* [6] = */ "\x92\x01\xff",
+ struct {
+ const char *data;
+ uint32_t size;
+ } keys[] = {
+ /* [0] = */ {"\x92\x01\x01", 3},
+ /* [1] = */ {"\x92\x01\xc0", 3},
+ /* [2] = */ {"\x91\x01", 2},
+ /* [3] = */ {"\x90", 1},
+ /* [4] = */ {"\x91\xc0", 2},
+ /* [5] = */ {"\x93\x01\x02\x03", 4},
+ /* [6] = */ {"\x92\x01\xff", 3},
};
int expected_results[] = {
/* [0] = */ 0,
@@ -1775,10 +1778,23 @@ test_key_def_validate_key(struct lua_State *L)
};
for (size_t i = 0; i < lengthof(keys); ++i) {
- int rc = box_key_def_validate_key(key_def, keys[i]);
+ uint32_t key_size = 0;
+ const char *key = keys[i].data;
+ int rc = box_key_def_validate_key(key_def, key, &key_size);
assert(rc == expected_results[i]);
- if (expected_error_codes[i] != box_error_code_MAX) {
+ if (expected_error_codes[i] == box_error_code_MAX) {
+ /* Verify key_size. */
+ assert(key_size != 0);
+ assert(key_size == keys[i].size);
+
+ /*
+ * Verify that no NULL pointer dereference
+ * occurs when NULL is passed as
+ * key_size_ptr.
+ */
+ box_key_def_validate_key(key_def, key, NULL);
+ } else {
assert(rc != 0);
box_error_t *e = box_error_last();
assert(box_error_code(e) == expected_error_codes[i]);
>
> > + return key_validate_parts(key_def, key, part_count, true, &key_end);
> > +}
> > +
> > /* }}} Module API functions */
> >
> > diff --git a/src/box/key_def.h b/src/box/key_def.h
> > index 1b27836a8..440f2fb13 100644
> > --- a/src/box/key_def.h
> > +++ b/src/box/key_def.h
> > @@ -545,6 +545,27 @@ API_EXPORT char *
> > box_key_def_extract_key(box_key_def_t *key_def, box_tuple_t *tuple,
> > int multikey_idx, uint32_t *key_size_ptr);
> >
> > +/**
> > + * Check a key against given key definition.
> > + *
> > + * Verifies key parts against given key_def's field types with
> > + * respect to nullability.
> > + *
> > + * A partial key (with less part than defined in @a key_def) is
> > + * verified by given key parts, the omitted tail is not verified
> > + * anyhow.
> > + *
> > + * Note: nil is accepted for nullable fields, but only for them.
> > + *
> > + * @param key_def Key definition.
> > + * @param key MessagePack'ed data for matching.
> > + *
> > + * @retval 0 The key is valid.
> > + * @retval -1 The key is invalid.
>
> 2. Maybe it is worth saying in all the new public functions, that
> if they return -1, it means diag is set, and is available via
> box_error_message() and shit.
Sure.
Added phrases as follows on the branches:
| In case of an error set a diag and return -1.
| @sa <box_error_last>().
| In case of an error set a diag and return NULL.
| @sa <box_error_last>().
| In case of an invalid tuple set a diag and return -1.
| @sa <box_error_last>().
| In case of an invalid key set a diag and return -1.
| @sa <box_error_last>().
The list of functions, where I did it:
- box_key_def_new_v2
- box_key_def_dump_parts
- box_key_def_validate_tuple
- box_key_def_merge
- box_key_def_extract_key
- box_key_def_validate_key
- box_key_def_validate_full_key
The rest of added functions already mention the diagnostics area
somehow.
Aside of this I observed that box_region_alloc() and
box_region_aligned_alloc() must also set a diag, because they're box api
functions. Fixed this on the branches.
diff --git a/src/lib/core/fiber.c b/src/lib/core/fiber.c
index 33ec47c66..fab7740b2 100644
--- a/src/lib/core/fiber.c
+++ b/src/lib/core/fiber.c
@@ -1377,13 +1377,19 @@ box_region_used(void)
void *
box_region_alloc(size_t size)
{
- return region_alloc(&fiber()->gc, size);
+ void *res = region_alloc(&fiber()->gc, size);
+ if (res == NULL)
+ diag_set(OutOfMemory, size, "region_alloc", "data");
+ return res;
}
void *
box_region_aligned_alloc(size_t size, size_t alignment)
{
- return region_aligned_alloc(&fiber()->gc, size, alignment);
+ void *res = region_aligned_alloc(&fiber()->gc, size, alignment);
+ if (res == NULL)
+ diag_set(OutOfMemory, size, "region_alloc", "aligned data");
+ return res;
}
void
diff --git a/src/lib/core/fiber.h b/src/lib/core/fiber.h
index ca3028b20..539e5c8e7 100644
--- a/src/lib/core/fiber.h
+++ b/src/lib/core/fiber.h
@@ -444,6 +444,9 @@ box_region_used(void);
* or array of values of a type with alignment requirements. A
* violation of alignment requirements leads to undefined
* behaviour.
+ *
+ * In case of a memory error set a diag and return NULL.
+ * @sa <box_error_last>().
*/
API_EXPORT void *
box_region_alloc(size_t size);
@@ -452,6 +455,9 @@ box_region_alloc(size_t size);
* Allocate size bytes from the box region with given alignment.
*
* Alignment must be a power of 2.
+ *
+ * In case of a memory error set a diag and return NULL.
+ * @sa <box_error_last>().
*/
API_EXPORT void *
box_region_aligned_alloc(size_t size, size_t alignment);
More information about the Tarantool-patches
mailing list