Re: replace strtok()

Em ter., 15 de out. de 2024 às 03:45, Peter Eisentraut <peter@eisentraut.org> escreveu:

Thanks for the analysis.  I think moreover we *only* need to check the
"stringp" for NULL, not the return value of strsep(), which would never
be NULL in our case.  So I propose the attached patch as a variant of yours.

I'm not 100% sure, but the contrib passwordcheck uses and It's not very safe.

The checks of NULL return are cheap, and will protect unwary users.

So I'm neutral here.

I also wonder, if other places touched by 5d2e1cc11 need corrections too.
I played with
PG_COLOR=always PG_COLORS="error=01;31" .../initdb

and it looks like this free() call in pg_logging_init():
            char       *colors = strdup(pg_colors_env);

            if (colors)
            {
...
                while ((token = strsep(&colors, ":")))
                {
...
                }

                free(colors);
            }
gets null in colors.

Best regards,
Alexander