Re: [HACKERS] Open 6.4 items

Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:

> Well, I hate to ruin your day,

You sure didn't! You made my day! :-)

> but coming pre-armed with the knowledge
> that the code is writing one byte too many, it's pretty obvious that the
> first loop in inet_net_pton_ipv4 does indeed do that. Specifically at
> else if (size-- > 0)
> *++dst = 0, dirty = 0;
> where, when size (the number of remaining destination bytes) is reduced
> to 0, the code nonetheless advances dst and clears the next byte.

You're quite right, and I should have caught this one myself, only I
must have goofed when I tested the function. (It is written in a
style that's just obscure enough that I chose testing it instead of
studying it until I understood in detail what it did.) As far as I
can tell, the only actual error in Paul Vixie's code is that the two
lines you quote above should be:

else if (--size > 0)
*++dst = 0, dirty = 0;

That is, size should be predecremented instead of postdecremented.
I'm cc-ing Paul on this, as I assume he wants to get the fix into
BIND, which is where inet_net_ntop() and inet_net_pton() came from.

> BTW, shouldn't this routine clear out all "size" bytes of the
> destination, even if the given data doesn't fill it all? A memset
> at the top might be worthwhile.

It does: there is code further down that handles that. Another
example of the obscure programming style: this function really shows
what a low-level language C is! :-)

-tih
--
Popularity is the hallmark of mediocrity. --Niles Crane, "Frasier"