From 2e9f190aed6a5d9ccbb72328ed500167f091e811 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= <vladimir.cunat@nic.cz>
Date: Fri, 17 Mar 2017 12:51:42 +0100
Subject: [PATCH] kr_bitcmp: add meaning to NULL inputs

Reasoning: we currently only use the function from lua modules and nil
values are very common there; I want to pick these changes to a bugfix
update without extensive checking whether the modules might pass
invalid input if user passes invalid config and thus introduce new
crashes.  The checks also seem cheap performance-wise.
---
 lib/utils.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lib/utils.c b/lib/utils.c
index 3e53c6cdb..b1c226ab8 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -364,6 +364,18 @@ int kr_straddr_subnet(void *dst, const char *addr)
 
 int kr_bitcmp(const char *a, const char *b, int bits)
 {
+	/* We're using the function from lua directly, so at least for now
+	 * we avoid crashing on bogus inputs.  Meaning: NULL is ordered before
+	 * anything else, and negative length is the same as zero.
+	 * TODO: review the call sites and probably remove the checks. */
+	if (bits <= 0 || (!a && !b)) {
+		return 0;
+	} else if (!a) {
+		return -1;
+	} else if (!b) {
+		return 1;
+	}
+
 	assert(a && b && bits >= 0  ||  bits == 0);
 	/* Compare part byte-divisible part. */
 	const size_t chunk = bits / 8;
-- 
2.47.3