Web lists-archives.com

[PATCH v2 1/2] mailinfo: use starts_with() for clarity




Existing checks using memcmp(3) never read past the end of the line,
because all substrings we are interested in are two characters long, and
the outer loop guarantees we have at least one character. So at most we
will look at the NUL.

However, this is too subtle and may lead to bugs in code which copies
this behavior without realizing substring length requirement.  So use
starts_with() instead, which will stop at NUL regardless of the length
of the prefix. Remove extra pair of parentheses while we are here.

Helped-by: Jeff King <peff@xxxxxxxx>
Signed-off-by: Andrei Rybak <rybak.a.v@xxxxxxxxx>
---

On Mon, Apr 01, 2019 at 06:11:57 -0400, Jeff King wrote:
> I wonder if it's worth re-writing it like:

Turned Peff's suggestion into a patch.

 mailinfo.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mailinfo.c b/mailinfo.c
index b395adbdf2..f4aaa89788 100644
--- a/mailinfo.c
+++ b/mailinfo.c
@@ -693,8 +693,8 @@ static int is_scissors_line(const char *line)
 			perforation++;
 			continue;
 		}
-		if ((!memcmp(c, ">8", 2) || !memcmp(c, "8<", 2) ||
-		     !memcmp(c, ">%", 2) || !memcmp(c, "%<", 2))) {
+		if (starts_with(c, ">8") || starts_with(c, "8<") ||
+		    starts_with(c, ">%") || starts_with(c, "%<")) {
 			in_perforation = 1;
 			perforation += 2;
 			scissors += 2;
-- 
2.21.0