Don't use strtok(3) #276
Don't use strtok(3) #276
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: haesbaert The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Welcome @haesbaert! |
k8s-ci-robot
added
cncf-cla: no
| static time_t get_token_expiration_time(const char *token_string) | ||
| { | ||
| static char fname[] = "get_token_expiration_time()"; | ||
| char *last; |
There was a problem hiding this comment.
nit: please set to explicit NULL
kubernetes/watch/watch_util.c
Outdated
|
|
||
| static int wu_convert_to_json_array(list_t * json_array, const char *json_string) | ||
| { | ||
| char *last; |
|
small request for explicit NULL for the You also need to sign the CLA. |
|
For example, in this project: #ifndef _WIN32
or
check_symbol_exists(secure_getenv "stdlib.h" HAVE_SECURE_GETENV)
#if defined(HAVE_SECURE_GETENV) |
Fixed the nit, I need to get approval for the CLA, will come back to you, meanwhile I fixed another bug, see below. |
Thanks, I've added a check for HAVE_STRTOK_R, which also made me realize the test for HAVE_STRNDUP was broken as utils.c never included "config.h". I'm falling back from strtok_r to strtok, if that's not good enough, I'd suggest copying the one from OpenBSD since it's simple enough and it's BSD3 licensed. |
|
Hi @haesbaert Thanks for the PR! I recommend: check_symbol_exists(secure_getenv "stdlib.h" HAVE_STRTOK_R)
char *p = NULL;
char *last = NULL;
#if defined(HAVE_STRTOK_R)
p = strtok_r(dup_token_string, OIDC_ID_TOKEN_DELIM, &last); /* jwt header */
#else
p = strtok(dup_token_string, OIDC_ID_TOKEN_DELIM); /* jwt header */
#endif
if (!p) {
fprintf(stderr, "%s: The token <%s> is not a valid JWT token.\n", fname, token_string);
goto end;
}
#if defined(HAVE_STRTOK_R)
p = strtok_r(NULL, OIDC_ID_TOKEN_DELIM, &last); /* jwt part2 */
#else
p = strtok(NULL, OIDC_ID_TOKEN_DELIM); /* jwt part2 */
#endif
if (!p) {
fprintf(stderr, "%s: The token <%s> is not a valid JWT token.\n", fname, token_string);
goto end;Just like What do you think ? |
strtok(3) is not re-entrant, use strtok_r(3), since windows doesn't have it, guard it under HAVE_STRTOK_R on the same scheme as HAVE_STRNCPY. While adding HAVE_STRTOK_R I noticed utils.c was not including config.h, which also made the HAVE_STRNCPY test fail, so fix it as well.
k8s-ci-robot
added
cncf-cla: yes
Thanks for getting back and apologies for the long delay, got busy and there was some holidays. |
| @@ -1,3 +1,4 @@ | |||
| #include "config.h" | |||
There was a problem hiding this comment.
There is a build error due to this including. https://github.com/kubernetes-client/c/actions/runs/17549510255/job/50128037985?pr=276
maybe need to include the relative path of config.h or change the CMakeLists.txt in the oidc directory.
There was a problem hiding this comment.
I included the src directory in 4bd8a7d
I'm not sure how to trigger a build that builds that, so I couldn't properly test.
There was a problem hiding this comment.
The build still fails.
You can build locally using the following command.
cd kubernetes/config/authn_plugin/plugins/oidc
mkdir build
cd build
cmake ..
make
|
Hi @haesbaert Welcome back ! and thanks for making these changes. |
strtok(3) is not re-entrant, use strtok_r(3).
--
strtok(3) will break on multithreaded programs, basically anyone using the watch callback would break on multithreaded.