-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
url: fix array overrun in node:url::SetArgs() #47001
Conversation
Review requested:
|
b099ef0
to
4d5188a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Small suggestion; otherwise lgtm.
void SetArgs(Environment* env, Local<Value> argv[10], const ada::result& url) { | ||
void SetArgs(Environment* env, | ||
Local<Value> (*argv)[10], | ||
const ada::result& url) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ideally this parameter should be an const ada::url&
. It doesn't make sense to pass an ada::result
in when we always expect it to be filled with the "valid" value.
In fact the call sites should probably change from this:
ada::result out = ada::parse(input.ToStringView());
CHECK(out);
out->set_protocol(…);
to
ada::result out = ada::parse(input.ToStringView());
CHECK(out);
const ada::url& url = out.value();
url.set_protocol(…);
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
out.value()
returns a copy. The current implementation looks unsafe, but CHECK(out)
ensures that it is not. I tried to avoid returning a copy. @lemire wrote about this on Ada's discussion board: ada-url/ada#200
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you misunderstood ada-url/ada#200. out.value()
(and equivalently *out
) does not return a copy by itself. It returns a reference, so if you put it into a const ada::url&
then no copies are made.
On the other hand, ada::url url = *out
, which would make a copy. That's not what I'm suggesting here.
Alternatively, you can also do
ada::result out = ada::parse(input.ToStringView());
CHECK(out);
ada::url url = std::move(*out);
which is written under the "performance tip". It would also avoid a copy.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is likely that the current code is safe and efficient. I think we are discussing 'coding style' which is subjective.
I don't personally find the url->...
annoying.
I am slightly triggered by the (*argv)[..]
however. :-)
What about using a reference to an array instead?
Local<Value> (&argv)[10]
(The ampersand would be dropped from the calling site.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a style guide thing: pointers for things that are mutated, const references otherwise.
With mutable references it's sometimes ambiguous to a reader if code operates on the original or on a copy. With pointers, no such ambiguity exists.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The current fix LGTM but it feels like a C-style fix. Since this is a C++ file, we could also leverage the power of C++:
Since the problem described in #46541 (comment) is about array arguments decaying to pointers, why don't we use std::array
here instead? The doc states:
Unlike a C-style array, it doesn't decay to T* automatically.
Doing that should also address https://github.com/nodejs/node/pull/47001/files#r1130218455:
I am slightly triggered by the (*argv)[..] however. :-)
@RaisinTen per convention, the |
Or you could just return a |
You could also just return a |
Since there isn't any |
Landed in 72e971e |
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment)
PR-URL: #47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: #47001 (comment) PR-URL: #47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: #47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: #47001 (comment) PR-URL: #47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
blocked by #46736 |
PR-URL: nodejs#47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment) PR-URL: nodejs#47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: nodejs#47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment) PR-URL: nodejs#47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: nodejs#47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment) PR-URL: nodejs#47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: nodejs#47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment) PR-URL: nodejs#47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: nodejs#47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment) PR-URL: nodejs#47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: nodejs#47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment) PR-URL: nodejs#47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: nodejs#47001 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: nodejs#47001 (comment) PR-URL: nodejs#47035 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: #47001 Backport-PR-URL: #48345 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Implements a review suggestion from 72e971e. Refs: #47001 (comment) PR-URL: #47035 Backport-PR-URL: #48345 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
I am following up on @tniessen's pull request and @bnoordhuis's comments. @TimothyGu, thanks for the mention & reminder
Reference: #46541 (comment)