Closed spoonincode closed 3 months ago
Note:start group: CLEANCODE category: INTERNALS summary: Cleanup usage of stack variables in producer api plugin. Note: end
safer
Well, personally for non-trivial usages of lambdas -- such as this case -- I like to see explicit capture lists. So [&producer, &http]
in this case. Does that work?
safer
Well, personally for non-trivial usages of lambdas -- such as this case -- I like to see explicit capture lists. So
[&producer, &http]
in this case. Does that work?
Sounds good.
that was probably a bad idea since now clang warns of unused lambda captures
http_max_response_time
is a variable declared on that stack as part ofplugin_startup()
https://github.com/AntelopeIO/leap/blob/c301152420c381a08aadf1f4d1f2b59414110418/plugins/producer_api_plugin/producer_api_plugin.cpp#L94CALL_WITH_400
captures all by reference https://github.com/AntelopeIO/leap/blob/c301152420c381a08aadf1f4d1f2b59414110418/plugins/producer_api_plugin/producer_api_plugin.cpp#L23-L26INVOKE_R_R_D
then goes on to use the reference tohttp_max_response_time
which is stale asplugin_startup()
has long since returned once HTTP requests are made https://github.com/AntelopeIO/leap/blob/c301152420c381a08aadf1f4d1f2b59414110418/plugins/producer_api_plugin/producer_api_plugin.cpp#L65-L66This problem seemed to have been introduced in 5.0. Since this is in producer_api, which isn't expected to ever be exposed publicly, not considering this a security defect.