httpd-apreq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Schaefer <joe+apa...@sunstarsys.com>
Subject Re: the effectiveness of split_to_parms
Date Fri, 19 Apr 2002 13:16:02 GMT
Stas Bekman <stas@stason.org> writes:

> in request.c
> 
> Any reason why do we call unescape and req_plustospace functions in a 
> loop, instead of doing this once on *data? I think calling the function 
> once on a long string is faster then calling the same function 20 times 
> (if we have 10 fields) on shorter strings.
> 
> Also what's the use of calling req_plustospace on the key string?

Because the key string might contain plus signs!

> 
> static void split_to_parms(apreq_request_t *req, const char *data)
> {
>      request_rec *r = req->r;
>      const char *val;
> 
>      while (*data && (val = my_urlword(r->pool, &data))) {
> 	const char *key = ap_getword(r->pool, &val, '=');
> 
> 	req_plustospace((char*)key);
> 	ap_unescape_url((char*)key);
> 	req_plustospace((char*)val);
> 	ap_unescape_url((char*)val);
> 
> 	apr_table_add(req->parms, key, val);
>      }
> 
> }
> 
> I'd write it as:
> 
>      req_plustospace((char*)data);
>      ap_unescape_url((char*)data);
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

That's wrong.  Moving plustospace outside the loop is OK, but
you can't safely/correctly unescape *data until AFTER you've 
split the string using the [;&] tokens.  You might include a
test case using data from a form like

  <input name="email address" value="default;blank&amp;unknown" />
  
>      while (*data && (val = my_urlword(r->pool, &data))) {
> 	apr_table_add(req->parms, ap_getword(r->pool, &val, '='), val);
>      }
> 
> I'm not sure if it's valid to modify 'val' in the second arg and
> expect its value to be modified in the third. I must use a tmp var,
> right? 

Right- in C parlance, the code exhibits Undefined Behavior.  Given 
the way many compilers handle function args (right to left),  it's 
likely your code will do the Wrong Thing here.  A demon might fly 
out of your nose if you try to run it, or so goes the legend of 
comp.lang.c :-)

-- 
Joe Schaefer
joe@sunstarsys.com

Mime
View raw message