-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor: handle in-output errors for string functions (Part 1) #11854
base: main
Are you sure you want to change the base?
Conversation
✅ Deploy Preview for meta-velox canceled.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is for debugging purpose, but it is perf sensitive, so should not throw or print. And in the case it is truncated, snprintf
already put 0 at end so no need to do it ourselves.
int result = snprintf(entry.label, entry.kLabelCapacity, "%s", label_.c_str()); | ||
|
||
if (result < 0) { | ||
throw std::runtime_error("Encoding error in snprintf"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On error I suggest to set the first byte to null byte. That's all that is needed to ensure the buffer doesn't contains anything bad. I think the buffer itself is not initialized prior so could contain random data which is overwritten or on error we set the null byte at the beginning. This should take care of errors and use of an uninitialized buffer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes we can do that. This virtually never happens though so we should wrap the condition inside FOLLY_UNLIKELY
so CPU don't waste time decoding the unused instructions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
PR Description:
Detect and address input/output errors that can result in undefined behavior. Ensure proper error handling for I/O functions that may fail and leave variables uninitialized. Neglecting to check the status of these functions before using their outputs (e.g., memory buffers, file descriptors, etc.) can lead to undefined program behavior. This update enforces checks on commonly used I/O functions to validate their return values and prevent improper usage.
This is first of the several changes for this refactoring.