Hi David,

on Fri, Nov 04, 2005 at 23:23:11 -0500, you wrote:

Thanks! :)

> Your observations about the code are very good, though not totally
> correct.  If you look at function process_config_option(), you'll see
> that the original config line is duplicated and split at the '='
> character (which has been replaced by '\0').  The "*t--" code is
> applied to the part after '=' and the loop to erase whitespace will
> never back up to the part before the '='.

I'm sorry, but apart from the fact that relying upon such
circumstances does not lead to robust code, I still beg to differ
regarding these circumstances. :)
process_config_option() indeed duplicates the original line, splits it
as you described and passes a pointer to the second part ("val") down
through process_config_option_as_arg() and process_arg() to
get_string() as the second parameter "arg".
get_string() as per your patch however then duplicates arg to s, which
thus is a new block of memory starting with the beginning of arg and,
unlike the one arg points into, the former '=' is not before it.
t gets to point to s and then is eventually decreased by one and
accessed by isspace(*t) during the first iteration as I described
previously.

elmar

-- 

 .'"`.                                                            /"\
| :' :   Elmar Hoffmann <[EMAIL PROTECTED]>    ASCII Ribbon Campaign  \ /
`. `'    GPG key available via pgp.net        against HTML email   X
  `-                                                    & vCards  / \
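
Added example, not part of the original message or of the project's code: a trailing-whitespace trim whose backwards scan is bounded by the start of the buffer, so it stays correct when the value is duplicated into a fresh block as described above. The function names rtrim_bounded() and get_trimmed_value() are hypothetical, and the shape of the original loop is assumed from the description in the thread.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Trim trailing whitespace in place and return the new length.
 * The "t > s" test is the lower bound: the scan never reads s[-1],
 * so it does not depend on what happens to sit before the buffer. */
static size_t rtrim_bounded(char *s)
{
    char *t = s + strlen(s);
    while (t > s && isspace((unsigned char)t[-1]))
        t--;
    *t = '\0';
    return (size_t)(t - s);
}

/* Hypothetical stand-in for the flow in the thread: take the part after
 * '=', duplicate it into a new block, trim the copy. Caller frees.
 * Returns NULL if the line has no '=' or the allocation fails. */
static char *get_trimmed_value(const char *line)
{
    const char *eq = strchr(line, '=');
    if (eq == NULL)
        return NULL;
    size_t n = strlen(eq + 1);
    char *s = malloc(n + 1);
    if (s == NULL)
        return NULL;
    memcpy(s, eq + 1, n + 1);  /* fresh block: no '\0' sentinel before s */
    rtrim_bounded(s);
    return s;
}

int main(void)
{
    /* Constructed inputs, including an empty and an all-blank value. */
    const char *lines[] = { "name=value \t", "name=", "name=   " };
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        char *v = get_trimmed_value(lines[i]);
        printf("[%s] -> [%s]\n", lines[i], v ? v : "(null)");
        free(v);
    }
    return 0;
}
```

Building with -fsanitize=address and running the empty-value and all-blank inputs is a quick way to check any trim loop of this kind for a read below the allocation.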
