Re: apr_token_* conclusions

From: Stefan Sperling <stsp_at_apache.org>
Date: Thu, 28 Jan 2016 08:15:23 +0100

On Wed, Jan 27, 2016 at 10:40:06PM -0600, William A Rowe Jr wrote:
> If you are new to the conversation, include/apr_cstr.h has absorbed much of
> the efforts of svn_cstring_* API's into apr_cstr_* functions.

I'm very happy to see our strtol()-wrappers in APR. These wrap the POSIX
functions with strict error checking. I hope this will encourage APR
consumers to routinely check for errors while parsing numbers rather than
trusting input. We did this for SVN and it caught a range of issues from
simple user input problems to detection of integer overflows caused by
repository on-disk corruption.

Note that we do have a special strtol() implementation for performance
critical paths in the repository filesystem code:
^/subversion/trunk/subversion/libsvn_fs_fs/id.c:locale_independent_strtol()

Some parts of the filesystem still use svn_cstring_strtoi64() instead
because they're either not performance critical or require specific
range checks.
Received on 2016-01-28 08:15:30 CET

This message: [ Message body ]
Next message: Bert Huijben: "RE: svn commit: r1727276 - in /subversion/trunk/subversion: libsvn_client/resolved.c svn/conflict-callbacks.c"
Previous message: William A Rowe Jr: "Re: apr_token_* conclusions"
In reply to: William A Rowe Jr: "Re: apr_token_* conclusions"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]