Zsh Mailing List Archive
Re: PATCH: utils.c: Fix use of uninitialized memory in metafy().
On Nov 27, 6:07pm, Peter Stephenson wrote:
}
} Hmm... I think the intention probably *is* to check if there's null
} termination at "buf + len", on the assumption that the first "len" bytes
} need metafying regardless. So if we've got only len valid bytes, not
} null-terminated (or null-terminated by accident because the next byte
} that isn't actually valid for the allocation happens to be null), we've
} got no way of knowing this given the current interface.
Does it actually matter? The only reason for (*e != 0) as far as I can
tell is to be sure we've actually done (*e = '\0') at the very end of
the whole thing [comment: "... unchanged (a terminating null character
is appended to buf if necessary)"].
Can't we just move the *e = '\0' outside the "if" body and skip the test
in the condition?
All tests still pass with the following:
diff --git a/Src/utils.c b/Src/utils.c
index 0db9c30..c6d178c 100644
--- a/Src/utils.c
+++ b/Src/utils.c
@@ -3985,7 +3985,7 @@ metafy(char *buf, int len, int heap)
if (imeta(*e++))
meta++;
- if (meta || heap == META_DUP || heap == META_HEAPDUP || *e != '\0') {
+ if (meta || heap == META_DUP || heap == META_HEAPDUP) {
switch (heap) {
case META_REALLOC:
buf = zrealloc(buf, len + meta + 1);
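Review bot: Dropping `*e != '\0'` from the condition means that with meta == 0 and heap == META_REALLOC the switch is never entered, so `buf = zrealloc(buf, len + meta + 1);` no longer runs for input that has exactly len valid bytes and no terminator. Before this change that input reached the reallocation and gained the extra byte for the NUL, although only by reading *e, which is the read the thread is trying to remove. Consider replacing the dropped test with one that does not dereference e but still sends explicit-length, possibly unterminated input through the switch, rather than removing it outright.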
@@ -4028,8 +4028,8 @@ metafy(char *buf, int len, int heap)
meta--;
}
}
- *e = '\0';
}
+ *e = '\0';
return buf;
}
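Review bot: The now-unconditional `*e = '\0';` stores through e even when the if body was skipped, and on that path nothing in these hunks has resized or copied buf, so e is still where the scanning loop left it (buf + len, per the quoted discussion). If the caller owns exactly len bytes, the uninitialized read being fixed becomes a one-byte write past the allocation. Either guarantee len + 1 bytes before this store, or update the function comment quoted in the message ("a terminating null character is appended to buf if necessary") to state that callers must always leave room for the terminator.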