Tarantool development patches archive
 help / color / mirror / Atom feed
From: Safin Timur via Tarantool-patches <tarantool-patches@dev.tarantool.org>
To: imeevma@tarantool.org
Cc: tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [PATCH v1 1/1] sql: fix a segfault in hex() on receiving zeroblob
Date: Fri, 3 Sep 2021 22:20:01 +0300	[thread overview]
Message-ID: <5b9c9dbb-1de6-ac7c-b432-4e878873e83d@tarantool.org> (raw)
In-Reply-To: <3fddf927be4ef819b63e172f29af58ac352da640.1630304393.git.imeevma@gmail.com>

This version is much simpler and is quite readable as is.

LGTM.

Though few unimportant notes...

On 30.08.2021 9:20, imeevma@tarantool.org wrote:
> This patch fixes a segmentation fault when zeroblob is received by the
> SQL built-in HEX() function.
> 
> Closes #6113
> ---
> https://github.com/tarantool/tarantool/issues/6113
> https://github.com/tarantool/tarantool/tree/imeevma/gh-6113-fix-hex-segfault-2.8
> 

> diff --git a/src/box/sql/func.c b/src/box/sql/func.c
> index b137c6125..3ef31705e 100644
> --- a/src/box/sql/func.c
> +++ b/src/box/sql/func.c
> @@ -1221,15 +1221,21 @@ hexFunc(sql_context * context, int argc, sql_value ** argv)
>   	UNUSED_PARAMETER(argc);
>   	pBlob = mem_as_bin(argv[0]);
>   	n = mem_len_unsafe(argv[0]);
> +	assert((argv[0]->flags & MEM_Zero) == 0 ||
> +	       argv[0]->type == MEM_TYPE_BIN);

I believe this is unncessary, as those exactly checks were already done 
inside of mem_len()

> +	int zero_len = (argv[0]->flags & MEM_Zero) == 0 ? 0 : argv[0]->u.nZero;
>   	assert(pBlob == mem_as_bin(argv[0]));	/* No encoding change */
>   	z = zHex = contextMalloc(context, ((i64) n) * 2 + 1);

Worth to note that here contextMalloc() used to check passed length 
against SQL_LIMIT_LENGTH, in the newer code this check disappeared.

>   	if (zHex) {
> -		for (i = 0; i < n; i++, pBlob++) {
> +		for (i = 0; i < n - zero_len; i++, pBlob++) {
>   			unsigned char c = *pBlob;
>   			*(z++) = hexdigits[(c >> 4) & 0xf];
>   			*(z++) = hexdigits[c & 0xf];
>   		}
> -		*z = 0;
> +		assert(i == n || (argv[0]->flags & MEM_Zero) != 0);
> +		assert(n == zero_len + i);
> +		memset(z, '0', 2 * zero_len);
> +		z[2 * zero_len] = '\0';
>   		sql_result_text(context, zHex, n * 2, sql_free);
>   	}
>   }

Regards,
Timur

  reply	other threads:[~2021-09-03 19:20 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-30  6:20 Mergen Imeev via Tarantool-patches
2021-09-03 19:20 ` Safin Timur via Tarantool-patches [this message]
  -- strict thread matches above, loose matches on Subject: below --
2021-10-05 12:49 Mergen Imeev via Tarantool-patches
2021-08-30  6:30 Mergen Imeev via Tarantool-patches
2021-08-31 19:32 ` Timur Safin via Tarantool-patches
2021-09-01  8:44   ` Mergen Imeev via Tarantool-patches
2021-09-03 19:19     ` Safin Timur via Tarantool-patches
2021-09-06  9:45       ` Mergen Imeev via Tarantool-patches
2021-09-06 20:32         ` Safin Timur via Tarantool-patches
2021-09-07  9:16           ` Mergen Imeev via Tarantool-patches
2021-08-26 11:11 Mergen Imeev via Tarantool-patches
2021-08-26 20:42 ` Vladislav Shpilevoy via Tarantool-patches
2021-08-27  8:26   ` Mergen Imeev via Tarantool-patches
2021-08-27 21:31     ` Vladislav Shpilevoy via Tarantool-patches
2021-08-26 11:10 Mergen Imeev via Tarantool-patches
2021-08-26 20:31 ` Vladislav Shpilevoy via Tarantool-patches
2021-08-27  7:54   ` Mergen Imeev via Tarantool-patches
2021-08-27 21:52     ` Vladislav Shpilevoy via Tarantool-patches

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5b9c9dbb-1de6-ac7c-b432-4e878873e83d@tarantool.org \
    --to=tarantool-patches@dev.tarantool.org \
    --cc=imeevma@tarantool.org \
    --cc=tsafin@tarantool.org \
    --subject='Re: [Tarantool-patches] [PATCH v1 1/1] sql: fix a segfault in hex() on receiving zeroblob' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox