node-scrypt Update scrypt

Update scrypt_common.cc

Open bryonglodencissp opened this issue 8 years ago • 2 comments

[src/node-boilerplate/scrypt_common.cc:98]: (error) Dangerous usage of c_str(). The value returned by c_str() is invalid after this call.

What happened in the original version of this code was:

instance of std::string is created - it is an object with automatic storage duration
pointer to the internal memory of this string is returned
object scrypt_err_description is destructed and its' internal memory is cleaned up
the caller of this function receives a dangling pointer (invalid pointer) which yields undefined behavior

The best solution: return an object and call .c_str() on the returned value.

REF: http://stackoverflow.com/questions/22330250/how-to-return-a-stdstring-c-str: How to return a std::string.c_str()

Found by https://github.com/bryongloden/cppcheck

Aug 11 '16 19:08 bryonglodencissp

I think this may fix https://github.com/barrysteyn/node-scrypt/issues/131

Aug 17 '16 05:08 BrandonZacharie

I'll look into this shortly...

On Aug 16, 2016 10:36 PM, "Brandon Zacharie" [email protected] wrote:

I think this may fix #131 https://github.com/barrysteyn/node-scrypt/issues/131

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/barrysteyn/node-scrypt/pull/133#issuecomment-240317895, or mute the thread https://github.com/notifications/unsubscribe-auth/ABd1RPCEiBCMHLZBaXmok1v37ol0FGRlks5qgp3ggaJpZM4Jic4L .

Aug 18 '16 06:08 barrysteyn

node-scrypt node-scrypt copied to clipboard

Update scrypt_common.cc

node-scrypt
node-scrypt copied to clipboard