On 13/09/2013 06:12, Marvin Humphrey wrote:
On Thu, Sep 5, 2013 at 3:11 PM,  <[email protected]> wrote:
      // Read key-value pairs with String keys.
      while (num_strings--) {
          uint32_t len = InStream_Read_C32(instream);
-        char *key_buf = Str_Grow(key, len);
+        char *key_buf = (char*)MALLOCATE(len + 1);
          InStream_Read_Bytes(instream, key_buf, len);
          key_buf[len] = '\0';
-        Str_Set_Size(key, len);
+        String *key = Str_new_steal_from_trusted_str(key_buf, len, len + 1);
          Hash_Store(hash, (Obj*)key, THAW(instream));
+        DECREF(key);
      }
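
Review bot: len is taken from InStream_Read_C32 and used unchecked in MALLOCATE(len + 1) on the added allocation line. Because len is a uint32_t, a stored length of 0xFFFFFFFF makes len + 1 wrap to 0 where int is 32 bits, and the InStream_Read_Bytes call and key_buf[len] = '\0' that follow then target a buffer smaller than len. Check len against a sane maximum (or the bytes remaining in the stream) before allocating, or widen it to size_t before adding 1.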

When reading the key, we should use a constructor which validates incoming
UTF-8 rather than Str_new_steal_from_trusted_str because we don't know (and
therefore don't "trust") the origin of the bytes we're deserializing.

+1

Now that the code pattern above appears in quite a few places, we should also consider a new method like:

incremented String*
InStream_Read_Utf8(InStream *self, size_t len);

Nick
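
A sketch of what a validating read helper along the lines proposed above has to check, as an added example that is not part of the original thread and not the project's code. The demo_stream type and the demo_* function names are hypothetical stand-ins, and plain malloc replaces the project's allocator.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for an input stream: a byte buffer plus a cursor. */
typedef struct { const uint8_t *buf; size_t size; size_t pos; } demo_stream;

/* 1 if s[0..len) is well-formed UTF-8: no overlong forms, no surrogates,
 * nothing above U+10FFFF, no truncated sequence. */
static int demo_utf8_valid(const uint8_t *s, size_t len) {
    size_t i = 0;
    while (i < len) {
        uint8_t b = s[i], lo = 0x80, hi = 0xBF; /* bounds for 2nd byte */
        size_t n;                               /* continuation bytes  */
        if (b < 0x80) { i++; continue; }
        else if (b >= 0xC2 && b <= 0xDF) { n = 1; }
        else if (b >= 0xE0 && b <= 0xEF) {
            n = 2;
            if (b == 0xE0) lo = 0xA0;           /* reject overlong     */
            if (b == 0xED) hi = 0x9F;           /* reject surrogates   */
        } else if (b >= 0xF0 && b <= 0xF4) {
            n = 3;
            if (b == 0xF0) lo = 0x90;           /* reject overlong     */
            if (b == 0xF4) hi = 0x8F;           /* reject > U+10FFFF   */
        } else { return 0; }                    /* stray or invalid lead */
        if (len - i <= n) return 0;             /* sequence cut short  */
        if (s[i + 1] < lo || s[i + 1] > hi) return 0;
        for (size_t k = 2; k <= n; k++)
            if ((s[i + k] & 0xC0) != 0x80) return 0;
        i += n + 1;
    }
    return 1;
}

/* Read len bytes as a NUL-terminated key. Returns NULL, consuming nothing,
 * if len exceeds the remaining input, the bytes are not valid UTF-8, or
 * allocation fails. Caller frees the result. */
char *demo_read_utf8(demo_stream *in, size_t len) {
    if (len > in->size - in->pos) return NULL;  /* bound len before use */
    const uint8_t *src = in->buf + in->pos;
    if (!demo_utf8_valid(src, len)) return NULL;
    char *out = malloc(len + 1);
    if (out == NULL) return NULL;
    memcpy(out, src, len);
    out[len] = '\0';
    in->pos += len;
    return out;
}
```

Validating before allocating means a malformed or oversized key costs no allocation, and the cursor only advances on success.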
