On 05/26/2011 11:38 PM, Alex Rousskov wrote:
On 05/26/2011 10:23 AM, Tsantilas Christos wrote:
Can the above double increment lead to *pos pointing beyond the string
boundaries?
Yes it can, but we do not care because we are not modifying anything
but we are _reading_ those values. I guess there is an undocumented
assumption that the string actually exists beyond the start+len boundary
and whatever characters happen to live after the official end will not
match any of the special characters we worry about.
Even if we read any of the characters we worry about the parsing will
fail on the next "if(pos-start > len)" test some lines after.
There is a problem here with the debugs statement and, of course, accessing
memory which is not given to your process may cause problems. Just
forget my previous email/comment...
Alex.
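
The late-check pattern debated in this thread, as an added illustration (not code from the patch under review): a hypothetical quote scanner in which a backslash triggers the double increment, once with the bounds tested only after the scan and once with the bounds tested before every read. The function names, the escape rule and the sample buffer are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed input: the string is the first 3 bytes (a, b, backslash);
 * the bytes after it stand in for whatever happens to follow in memory. */
static const char sample[8] = { 'a', 'b', '\\', 'x', 'y', 'z', '"', '\0' };

/* Dereference pos and record the highest offset that was read. */
static char peek(const char *start, const char *pos, size_t *furthest)
{
    if ((size_t)(pos - start) > *furthest)
        *furthest = (size_t)(pos - start);
    return *pos;
}

/* Late check: scan first, test the bounds afterwards. */
static long scan_late_check(const char *start, size_t len, size_t *furthest)
{
    const char *pos = start;
    *furthest = 0;
    while (peek(start, pos, furthest) != '"') {
        if (peek(start, pos, furthest) == '\\')
            ++pos;                      /* skip the escaped byte ... */
        ++pos;                          /* ... the double increment */
    }
    return (size_t)(pos - start) > len ? -1 : (long)(pos - start);
}

/* Early check: nothing at or past start + len is ever dereferenced. */
static long scan_checked(const char *start, size_t len, size_t *furthest)
{
    const char *pos = start, *end = start + len;
    *furthest = 0;
    while (pos < end) {
        char c = peek(start, pos, furthest);
        if (c == '"')
            return (long)(pos - start);
        pos += (c == '\\' && end - pos >= 2) ? 2 : 1;
    }
    return -1;
}

int main(void)
{
    size_t late, checked;
    long r1 = scan_late_check(sample, 3, &late), r2 = scan_checked(sample, 3, &checked);
    printf("late: %ld (read up to %zu); checked: %ld (read up to %zu)\n", r1, late, r2, checked);
    return 0;
}
```

Both scanners reject the input, but the late-check version has already read bytes outside the 3-byte string by the time its test fails, which is the access the last reply is concerned about.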