0
0
mirror of https://github.com/zeromq/libzmq.git synced 2024-12-27 07:31:03 +08:00

Problem: unclear rules for passing null arguments

Solution: be more explicit in the code, and in the zmq_recv man
page (which is the most unobvious case). Assert if length is not
zero and buffer is nonetheless null.
This commit is contained in:
Pieter Hintjens 2016-02-06 14:11:21 +01:00
parent 27a8961c37
commit a1f51b695f
5 changed files with 27 additions and 16 deletions

View File

@ -19,7 +19,8 @@ by the 'socket' argument and store it in the buffer referenced by the 'buf'
argument. Any bytes exceeding the length specified by the 'len' argument shall
be truncated. If there are no messages available on the specified 'socket'
the _zmq_recv()_ function shall block until the request can be satisfied.
The 'flags' argument is a combination of the flags defined below:
The 'flags' argument is a combination of the flags defined below: The 'buf'
argument may be null if len is zero.
*ZMQ_DONTWAIT*::
Specifies that the operation should be performed in non-blocking mode. If there

View File

@ -62,9 +62,11 @@ int zmq::sub_t::xsetsockopt (int option_, const void *optval_,
else
if (option_ == ZMQ_UNSUBSCRIBE)
*data = 0;
if (optvallen_ > 0)
// We explicitly allow a NULL subscription with size zero
if (optvallen_) {
assert (optval_);
memcpy (data + 1, optval_, optvallen_);
}
// Pass it further on in the stack.
int err = 0;
rc = xsub_t::xsend (&msg);

View File

@ -226,14 +226,18 @@ void zmq::xsub_t::send_subscription (unsigned char *data_, size_t size_,
{
pipe_t *pipe = (pipe_t*) arg_;
// Create the subsctription message.
// Create the subscription message.
msg_t msg;
int rc = msg.init_size (size_ + 1);
errno_assert (rc == 0);
unsigned char *data = (unsigned char*) msg.data ();
data [0] = 1;
if (size_ > 0)
// We explicitly allow a NULL subscription with size zero
if (size_) {
assert (data_);
memcpy (data + 1, data_, size_);
}
// Send it to the pipe.
bool sent = pipe->write (&msg);

View File

@ -390,14 +390,16 @@ int zmq_send (void *s_, const void *buf_, size_t len_, int flags_)
return -1;
}
zmq_msg_t msg;
int rc = zmq_msg_init_size (&msg, len_);
if (rc != 0)
if (zmq_msg_init_size (&msg, len_))
return -1;
if (len_ > 0)
memcpy (zmq_msg_data (&msg), buf_, len_);
// We explicitly allow a send from NULL, size zero
if (len_) {
assert (buf_);
memcpy (zmq_msg_data (&msg), buf_, len_);
}
zmq::socket_base_t *s = (zmq::socket_base_t *) s_;
rc = s_sendmsg (s, &msg, flags_);
int rc = s_sendmsg (s, &msg, flags_);
if (unlikely (rc < 0)) {
int err = errno;
int rc2 = zmq_msg_close (&msg);
@ -517,12 +519,14 @@ int zmq_recv (void *s_, void *buf_, size_t len_, int flags_)
return -1;
}
// At the moment an oversized message is silently truncated.
// TODO: Build in a notification mechanism to report the overflows.
// An oversized message is silently truncated.
size_t to_copy = size_t (nbytes) < len_ ? size_t (nbytes) : len_;
if (to_copy > 0)
memcpy (buf_, zmq_msg_data (&msg), to_copy);
// We explicitly allow a null buffer argument if len is zero
if (to_copy) {
assert (buf_);
memcpy (buf_, zmq_msg_data (&msg), to_copy);
}
rc = zmq_msg_close (&msg);
errno_assert (rc == 0);

View File

@ -27,7 +27,7 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "macros.hpp"
#include "testutil.hpp"
#if defined ZMQ_HAVE_WINDOWS
#include "windows.hpp"
@ -50,7 +50,7 @@ void sleep_ (long timeout_)
void handler (int timer_id, void* arg)
{
LIBZMQ_UNUSED (timer_id);
(void) timer_id; // Stop 'unused' compiler warnings
*((bool *)arg) = true;
}