[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Code doesn't seem ... right

From: Danny Trebbien <dtrebbien_at_gmail.com>
Date: Mon, 24 Jan 2011 16:00:24 -0800

On Mon, Jan 24, 2011 at 2:22 PM, C. Michael Pilato <cmpilato_at_collab.net> wrote:
> [Using dev@ as a public TODO list to avoid pushing stack on a task.]
>
> In mod_dav_svn/mirror.c:dav_svn__location_body_filter() and
> dav_svn__location_in_filter() are code blocks like this:
>
>    if (uri.path)
>        canonicalized_uri = svn_urlpath__canonicalize(uri.path, r->pool);
>    else
>        canonicalized_uri = uri.path;
>    if (strcmp(canonicalized_uri, root_dir) == 0) {
>    [...]
>
> So ... if uri.path == NULL, then canonicalized_uri is set to NULL, and then
> that NULL is used in a strcmp().  Won't that SEGFAULT?

Passing NULL for either argument to strcmp() results in undefined behavior.

In 7.1.4, Use of library functions, the C Standard states:

> Each of the following statements applies unless explicitly stated otherwise
> in the detailed descriptions that follow: If an argument to a function has an
> invalid value (such as a value outside the domain of the function, or a
> pointer outside the address space of the program, or a null pointer, or a
> pointer to non-modifiable storage when the corresponding parameter is not
> const-qualified) or a type (after promotion) not expected by a function with
> variable number of arguments, the behavior is undefined.

Combined with the fact that 7.21.4.2, The `strcmp` function, does not
explicitly state otherwise that a NULL pointer is allowed for either
argument to strcmp(), this is UB.
Received on 2011-01-25 01:01:02 CET

This is an archived mail posted to the Subversion Dev mailing list.