Bug 14246 - mkCharLen() may look past end of string for a terminator
Alias: None
Product: R
Classification: Unclassified
Component: Low-level
Version: R 2.y.z
Hardware: ix86 (32-bit) All
Importance: P5 enhancement
Assignee: R-core
Reported: 2010-03-31 18:30 UTC by David Hinds
Modified: 2018-01-16 16:21 UTC
Description David Hinds 2010-03-31 18:30:17 UTC
There is a small performance bug in mkCharLen() in src/main/envir.c.  I had written some C code to build a character vector from parts of a long buffer -- in one case, creating 600K strings -- and noticed that this was taking a long time.  The reason turned out to be that mkCharLen() calls strlen() on its string parameter, so it was scanning the entire buffer for a null character on each call, even though I had explicitly specified a length of 1.  The value from strlen() is only used to check whether the null-terminated length of the string is shorter than the explicitly specified string length, and I think it is wrong for this function to scan beyond that length into memory that may not be part of the string at all.

One option would be to replace strlen() with strnlen() but I'm not sure that we can count on strnlen() being available on all platforms?  Alternatively, just code a short loop that scans out only as far as needed, i.e.:

for (slen = 0; slen < len; slen++)
    if (!name[slen]) break;
Comment 1 Brian Ripley 2010-04-11 12:16:04 UTC
strnlen is definitely not portable.

Changed for 2.12.0
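
The bounded scan proposed in the description, as an added example (not code from the R sources or from this bug thread). The names `bounded_len`, `make_str_len` and `count_slices` are hypothetical, rejecting an embedded NUL is an assumed policy, and ISO C `memchr()` stands in for `strnlen()`:

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Bytes before the first NUL in s[0..len), or len if there is none.
   memchr() is ISO C and never examines more than len bytes. */
static size_t bounded_len(const char *s, size_t len)
{
    const char *nul = memchr(s, '\0', len);
    return nul ? (size_t)(nul - s) : len;
}

/* Hypothetical stand-in for a length-taking constructor such as mkCharLen():
   copies exactly len bytes into a new NUL-terminated string.
   Returns NULL on an embedded NUL (assumed policy) or allocation failure. */
char *make_str_len(const char *name, size_t len)
{
    char *out;
    if (bounded_len(name, len) < len)
        return NULL;            /* terminator inside the requested slice */
    out = malloc(len + 1);
    if (!out)
        return NULL;
    memcpy(out, name, len);
    out[len] = '\0';
    return out;
}

/* Split an unterminated buffer into width-byte strings and return how many
   were built. Each call reads only its own slice, so total work is O(n). */
size_t count_slices(const char *buf, size_t n, size_t width)
{
    size_t made = 0, off;
    if (width == 0)
        return 0;
    for (off = 0; off + width <= n; off += width) {
        char *s = make_str_len(buf + off, width);
        if (!s)
            break;
        free(s);
        made++;
    }
    return made;
}

int main(void)
{
    /* Constructed sample: 8 bytes, deliberately without a terminator. */
    static const char buf[8] = {'A','C','G','T','A','C','G','T'};
    return count_slices(buf, sizeof buf, 1) == 8 ? 0 : 1;
}
```

With `strlen()` in place of `bounded_len()`, the sample buffer above would be read past its eighth byte on every call, which is both the over-read and the quadratic cost the report describes.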