nnrpd's Argify() and passwords with spaces

Russ Allbery rra at stanford.edu
Wed Dec 19 22:04:37 UTC 2001

Jeffrey M Vinocur <jeff at marduk.litech.org> writes:

> The problem stems from the fact that once we've called Argify on the
> input, the whitespace is lost.  The only clean solution we could come up
> with is to only Argify the first n arguments (where n is whatever is
> needed) and thus the remainder would be available for individual
> command-processing functions to use as they see fit.

One thing that you may want to look at if you're rewriting code in this
area is the new vector interface I added to libinn in CURRENT.  My
intention was to eventually replace all the Argify stuff in the source
base with that; the API is a bit more thorough and complete and there's a
test suite for it.

I don't think there are any current split functions for vectors that match
this (split out the first n), but that's obviously generally useful and it
should be reasonably straightforward to add.

> Easily fixed, but for one problem:  if there was leading whitespace,
> argv[0] won't point to the beginning of the malloc'd chunk, and
> attempting to free it would be bad.  It's fixable, of course, but
> requires some thought.  So unless someone has evidence that command
> parsing is a bottleneck...

I doubt that it is, particularly for nnrpd which has to go to disk to do
almost anything anyway.

> and add the following two functions (after which Argify can be defined
> as a wrapper around nArgify with n=-1 for backwards compatibility):

Yeah, if you're going to this sort of work, definitely take a look at
vector (the interface is in include/inn/vector.h).  I think the new code
should be simpler and easier to work with.

> So, two implementation questions:

> - It's pretty clear that leading whitespace should be removed,
>   but what about trailing whitespace?  That is, should a command
>   like "AUTHINFO PASS    foo  bar " be read as a password of 
>   "foo  bar" or "foo  bar "?

>   (In the absence of any strong opinions, the latter is easier to
>   implement.)

I think we may as well support trailing spaces if it's easier.

> - There are two possible behaviors for nArgify/reArgify when
>   there are more than n arguments (and we leave the remainder of
>   the input as argv[n]):

>   * Return n+1.  This has the benefit of making checking for too
>     many arguments very easy, however there is that odd ac-- that
>     has to be done before calls to reArgify (and if there are
>     fewer than n arguments in the first place, later calls to
>     reArgify will walk over the last argument again for no
>     reason, because of the ac--).

>   * Return n.  This conceptually makes more sense, I think, and
>     removes the ac--, but it means that code like (ac > max) has
>     to be rewritten as (ac > max || (ac == max && av[ac] != NULL)).

>   Any thoughts on which is less ugly?  If you were writing code
>   that used these functions, which would you rather see?  Would
>   the latter be improved by having a function (or macro) to
>   encapsulate the check?

I think the vector interface may force a somewhat different decision here,
since you really want to return a new vector.  That argues for doing the
latter, since the number of items you split things into is already stored
in the vector as the vector length.

Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

More information about the inn-workers mailing list