On Fri, 5 Apr 2002, Brad Nicholes wrote:
> I'm still seeing a problem with apr_tokenize_to_argv() that causes the
> parser to run off the end of the string. I know this causes a fault on
> NetWare, but since I don't understand this code completely and the
> comments about allowing for a NULL argument are confusing, I was hoping
> someone would confirm or deny the problem.

Confirmed (by inspection). You're quite right... we've just been getting
lucky.

This appears semantically correct to me, though I haven't tested it:

Index: apr_cpystrn.c
===================================================================
RCS file: /home/cvs/apr/strings/apr_cpystrn.c,v
retrieving revision 1.10
diff -u -d -r1.10 apr_cpystrn.c
--- apr_cpystrn.c 13 Mar 2002 20:39:26 -0000 1.10
+++ apr_cpystrn.c 5 Apr 2002 18:41:19 -0000
@@ -168,10 +168,9 @@
* Must account for the trailing NULL arg.
*/
numargs = 1;
- while (*ct != '\0') {
+ for (; *ct != '\0'; ct++) {
CHECK_QUOTATION(ct, isquoted);
DETERMINE_NEXTSTRING(ct, isquoted);
- ct++;
numargs++;
SKIP_WHITESPACE(ct);
}
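
Review bot: the `ct++` in the new `for (; *ct != '\0'; ct++)` header runs after SKIP_WHITESPACE(ct), whereas the removed `ct++` ran between DETERMINE_NEXTSTRING and SKIP_WHITESPACE, and that reordering needs checking against the macro bodies, which are outside this hunk. Two cases to confirm. First, whatever character SKIP_WHITESPACE stops on (the first character of the next argument) is now stepped over before CHECK_QUOTATION sees it at the top of the next iteration, so an opening quote in that position would be missed. Second, if ct is sitting on the terminating '\0' when the loop body finishes, the increment moves past it before `*ct != '\0'` is evaluated, which is the same overrun this change is meant to remove. A safer shape is to keep the `while` loop and advance ct only when `*ct != '\0'`, before SKIP_WHITESPACE. Since the patch is untested, it should come with test inputs that end in a quoted argument, end in trailing whitespace, and end immediately after an unquoted argument.
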
The only semantic difference is that if DETERMINE_NEXTSTRING lands on a "
then the ct++ from before would skip over it and SKIP_WHITESPACE would
proceed to skip whitespace _inside_ the quote. Then back to the top of
the loop, and CHECK_QUOTATION would never have seen the " to set isquoted
to 1. But as far as I can tell, that's also a bug, and using the for loop
fixes that as well.
Brad, can you test this for me (since I don't have a good test case)?
Thanks,
Cliff
--------------------------------------------------------------
Cliff Woolley
[EMAIL PROTECTED]
Charlottesville, VA