From 317a217bf8fa6c31c1b48193941a50ef64c155ab Mon Sep 17 00:00:00 2001
From: Alejandro Colomar <alx@nginx.com>
Date: Sat, 29 Oct 2022 23:23:06 +0200
Subject: Using nxt_nitems() instead of sizeof() for strings (arrays).

sizeof() should never be used to get the size of an array.  It is
very unsafe, since arrays easily decay to pointers, and sizeof()
applied to a pointer gives false results that compile and produce
silent bugs.

It's better to use nxt_items(), which implements sizeof()
division, which recent compilers warn when used with pointers.

This change would have avoided a bug that we almost introduced
recently by using:

    nxt_str_set(&port, (r->tls ? "https://" : "http://"));

which in the macro expansion runs:

    (&port)->length = nxt_length((r->tls ? : "https://" : "http://"));

which evaluates to:

    port.length = sizeof(r->tls ? "https://" : "http://") - 1;

which evaluates to:

    port.length = 8 - 1;

Of course, we didn't want a compile-time-constant 8 there, but
rather the length of the string.

Link: <https://stackoverflow.com/a/57537491>
Cc: Andrew Clayton <a.clayton@nginx.com>
Signed-off-by: Alejandro Colomar <alx@nginx.com>
---
 src/nxt_clang.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/nxt_clang.h b/src/nxt_clang.h
index 94638346..6803ffc8 100644
--- a/src/nxt_clang.h
+++ b/src/nxt_clang.h
@@ -252,7 +252,7 @@ nxt_popcount(unsigned int x)
 
 
 #define nxt_length(s)                                                         \
-    (sizeof(s) - 1)
+    (nxt_nitems(s) - 1)
 
 
 #endif /* _NXT_CLANG_H_INCLUDED_ */
-- 
cgit