micro-optimize backref when the reference is the subject tail
test is already included in c01.vtc
-
This doesn't look right to me -- the static match function only copies strlen() of the subject string into workspace, if it has to copy, but not the terminating null:
    static VCL_BOOL
    match(VRT_CTX, vre_t *vre, VCL_STRING subject, struct vmod_priv *task,
          const struct vre_limits *vre_limits)
    {
        // ...
        len = strlen(subject);
        // ...
        if (WS_Inside(ctx->ws, subject, subject + len))
            ov->subject = subject;
        else if ((ov->subject = WS_Copy(ctx->ws, (const void *) subject, len)) == NULL) {
            // ...
If the WS_Inside() condition here is true, then maybe we have the terminating null, but maybe we don't -- we only check for the range subject to subject + len. It was intentional that backref() doesn't depend on having the terminating null (the ovector math in pcre doesn't require that).

What part of c01.vtc did you think tests this? I suspect that either start[len] == '\0' in line 241 of the commit is never true, so only the else clause executes; or the condition is true "by accident", because that location of workspace might happen to have been null already. But not because it was intentionally null.

We don't have any tests that use workspace right up to the limit, so the "out of workspace" conditions and tests for WS_Inside() and WS_Assert_Allocated() are never tested. If we did, then I suspect that the WS_Assert_Allocated() in line 240 would fail, because we only copied len bytes, not len + 1.
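
The concern raised in the comment above, as an added C example that is not part of the original thread or of the project's code: a toy bump allocator shows how a start[len] == '\0' test can hold by accident after only len bytes were copied, and how a bounds check over len + 1 bytes rejects it. The struct arena type and every function name here are hypothetical stand-ins, not Varnish's workspace API.

```c
#include <stdio.h>
#include <string.h>

/* Toy bump allocator standing in for a workspace (hypothetical names). */
struct arena { char buf[64]; size_t used; };

/* Copy exactly n bytes and add no terminator. */
static char *arena_copy(struct arena *a, const char *src, size_t n)
{
    if (n > sizeof a->buf - a->used)
        return NULL;
    char *p = a->buf + a->used;
    memcpy(p, src, n);
    a->used += n;
    return p;
}

/* Nonzero if [p, p + n) lies wholly inside the allocated part of the arena. */
static int arena_allocated(const struct arena *a, const char *p, size_t n)
{
    const char *end = a->buf + a->used;
    return p >= a->buf && p <= end && n <= (size_t)(end - p);
}

/* p[len] may be read as a terminator only if that byte was allocated too. */
static int tail_is_cstring(const struct arena *a, const char *p, size_t len)
{
    return arena_allocated(a, p, len + 1) && p[len] == '\0';
}

/* Copy n bytes of "foobar" into an arena pre-filled with `fill` (constructed
 * input). Bit 0: unchecked p[6] == '\0'. Bit 1: bounds-checked result. */
static int probe(int fill, size_t n)
{
    struct arena a = { .used = 0 };
    memset(a.buf, fill, sizeof a.buf);
    const char *s = arena_copy(&a, "foobar", n);
    return (s[6] == '\0') | (tail_is_cstring(&a, s, 6) << 1);
}

int main(void)
{
    printf("zeroed arena, len copied:    %d\n", probe(0, 6));   /* 1 */
    printf("stale arena, len copied:     %d\n", probe('X', 6)); /* 0 */
    printf("stale arena, len + 1 copied: %d\n", probe('X', 7)); /* 3 */
    return 0;
}
```

A result of 1 is the "by accident" case: the byte after the copy happens to be zero but was never allocated, so it can be overwritten by the next allocation.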