Re: [Libguestfs] [PATCH nbdkit v2 2/6] main: Tighten up characters permitted in config keys.

On 09/08/2018 03:15 AM, Richard W.M. Jones wrote: >Previously key=value on the command line allowed the key to be pretty >much anything that didn't contain an '=' character. Even empty >strings were permitted. > >This tightens up the permitted keys so they must contain only ASCII >alphanumeric, period, underscore or dash characters, and must not be >an empty string. Do we want to further restrict things to start with a letter or underscore (and not a dot, digit, or dash)? >--- > docs/nbdkit-plugin.pod | 18 ++++++++++-------- > src/main.c | 32 +++++++++++++++++++++++++++++++- > 2 files changed, 41 insertions(+), 9 deletions(-) > >+static int >+is_config_key (const char *key, size_t len) >+{ >+ const char allowed[] = >+ "abcdefghijklmnopqrstuvwxyz" >+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ" >+ "0123456789" >+ "._-"; >+ size_t i; >+ >+ if (key[0] == '\0')

>+ return 0; >+ >+ for (i = 0; i < len; ++i) { >+ if (strchr (allowed, key[i]) == NULL) Why not use strspn and checking against the length, instead of rolling an O(n^2) algorithm yourself? The libc version might have optimizations to run faster, although the speed of this loop is probably in the noise.