[PATCH 01/24] lib/message.cc: stale pointer bug

On Thu, 02 May 2013, Tomi Ollila wrote: > On Thu, May 02 2013, Vladimir Marek wrote: > >>> > int prefix_len = strlen (prefix); >>> > -const char *term = NULL; >>> > +std::string term; >>> > char *value; >>> > >>> > i.skip_to (prefix); >>> > >>> > -if (i != end) >>>

[PATCH 01/24] lib/message.cc: stale pointer bug

On Thu, May 02 2013, Vladimir Marek wrote: >> > int prefix_len = strlen (prefix); >> > -const char *term = NULL; >> > +std::string term; >> > char *value; >> > >> > i.skip_to (prefix); >> > >> > -if (i != end) >> > - term = (*i).c_str (); >> > +if (i == end)

[PATCH 01/24] lib/message.cc: stale pointer bug

> > int prefix_len = strlen (prefix); > > -const char *term = NULL; > > +std::string term; > > char *value; > > > > i.skip_to (prefix); > > > > -if (i != end) > > - term = (*i).c_str (); > > +if (i == end) > > + return NULL; > > > > -if (!term ||

[PATCH 01/24] lib/message.cc: stale pointer bug

On Thu, May 02 2013, Vladimir.Marek at oracle.com wrote: > From: Vladimir Marek > > Xapian::TermIterator::operator* returns std::string which is destroyed > as soon as (*i).c_str() finishes. The remembered pointer 'term' then > references invalid memory. Looks to me like a good solution...

[PATCH 01/24] lib/message.cc: stale pointer bug

Uh, oh, it's patch 01/01 actually. There's 23 other patches waiting but will be submitted separately. > Xapian::TermIterator::operator* returns std::string which is destroyed > as soon as (*i).c_str() finishes. The remembered pointer 'term' then > references invalid memory. I reworded the

[PATCH 01/24] lib/message.cc: stale pointer bug

From: Vladimir Marek Xapian::TermIterator::operator* returns std::string which is destroyed as soon as (*i).c_str() finishes. The remembered pointer 'term' then references invalid memory. Signed-off-by: Vladimir Marek --- lib/message.cc | 11 ++- 1 file changed, 6

Re: [PATCH 01/24] lib/message.cc: stale pointer bug

On Thu, May 02 2013, vladimir.ma...@oracle.com wrote: From: Vladimir Marek vlma...@volny.cz Xapian::TermIterator::operator* returns std::string which is destroyed as soon as (*i).c_str() finishes. The remembered pointer 'term' then references invalid memory. Looks to me like a good

Re: [PATCH 01/24] lib/message.cc: stale pointer bug

int prefix_len = strlen (prefix); -const char *term = NULL; +std::string term; char *value; i.skip_to (prefix); -if (i != end) - term = (*i).c_str (); +if (i == end) + return NULL; -if (!term || strncmp (term, prefix,

Re: [PATCH 01/24] lib/message.cc: stale pointer bug

On Thu, May 02 2013, Vladimir Marek vladimir.ma...@oracle.com wrote: int prefix_len = strlen (prefix); -const char *term = NULL; +std::string term; char *value; i.skip_to (prefix); -if (i != end) - term = (*i).c_str (); +if (i == end) +

Re: [PATCH 01/24] lib/message.cc: stale pointer bug

On Thu, 02 May 2013, Tomi Ollila tomi.oll...@iki.fi wrote: On Thu, May 02 2013, Vladimir Marek vladimir.ma...@oracle.com wrote: int prefix_len = strlen (prefix); -const char *term = NULL; +std::string term; char *value; i.skip_to (prefix); -if (i !=

[PATCH 01/24] lib/message.cc: stale pointer bug

From: Vladimir Marek vlma...@volny.cz Xapian::TermIterator::operator* returns std::string which is destroyed as soon as (*i).c_str() finishes. The remembered pointer 'term' then references invalid memory. Signed-off-by: Vladimir Marek vlma...@volny.cz --- lib/message.cc | 11 ++- 1

Re: [PATCH 01/24] lib/message.cc: stale pointer bug

Uh, oh, it's patch 01/01 actually. There's 23 other patches waiting but will be submitted separately. Xapian::TermIterator::operator* returns std::string which is destroyed as soon as (*i).c_str() finishes. The remembered pointer 'term' then references invalid memory. I reworded the comment