[kudu-CR] gutil/strings: fix UB in FindNth

Thu, 31 Oct 2019 11:38:06 -0700 

Alexey Serbin has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/14585 )

Change subject: gutil/strings: fix UB in FindNth
......................................................................


Patch Set 1:

(5 comments)

http://gerrit.cloudera.org:8080/#/c/14585/1//COMMIT_MSG
Commit Message:

http://gerrit.cloudera.org:8080/#/c/14585/1//COMMIT_MSG@9
PS1, Line 9: It's not OK to overflow an unsigned type (size_t) in this way
Why?  As of my knowledge, size_t is unsigned type.  It overflows safely, and 
that's the documented behavior.


http://gerrit.cloudera.org:8080/#/c/14585/1//COMMIT_MSG@11
PS1, Line 11: int instead of size_t
I think this is even more unsafe: it's not safe to overflow signed types.


http://gerrit.cloudera.org:8080/#/c/14585/1/src/kudu/gutil/strings/string_util-test.cc
File src/kudu/gutil/strings/string_util-test.cc:

http://gerrit.cloudera.org:8080/#/c/14585/1/src/kudu/gutil/strings/string_util-test.cc@64
PS1, Line 64: }
Could you add a test for:

  FindNth("abcd", 'e', std::max<int>()) ?


http://gerrit.cloudera.org:8080/#/c/14585/1/src/kudu/gutil/strings/util.cc
File src/kudu/gutil/strings/util.cc:

http://gerrit.cloudera.org:8080/#/c/14585/1/src/kudu/gutil/strings/util.cc@1026
PS1, Line 1026: int n
What if I pass std::max<int>() here?


http://gerrit.cloudera.org:8080/#/c/14585/1/src/kudu/gutil/strings/util.cc@1030
PS1, Line 1030: s.find_first_of(c, pos + 1);
Instead, could we leave 'pos' as 'size_t' and we rewrite it like:

pos = s.find_first_of(c, (pos == string::npos) ? 0 : pos + 1);


?



--
To view, visit http://gerrit.cloudera.org:8080/14585
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I00a36f999a8c3b13469600b785da95c487643d4a
Gerrit-Change-Number: 14585
Gerrit-PatchSet: 1
Gerrit-Owner: Adar Dembo <[email protected]>
Gerrit-Reviewer: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Andrew Wong <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Thu, 31 Oct 2019 18:36:59 +0000
Gerrit-HasComments: Yes

Reply via email to