influxdata / flux

Flux is a lightweight scripting language for querying databases (like InfluxDB) and working with data. It's part of InfluxDB 1.7 and 2.0, but can be run independently of those.
https://influxdata.com
MIT License

fix: make C FFI more robust with respect to malformed input #5408

Closed wolffcm closed 1 year ago

wolffcm commented 1 year ago

An audit discovered a few places where we could be more rigorous about checking inputs for valid data. This PR addresses the issues and adds tests for them.

crepererum commented 1 year ago

BTW: another way to guard your FFI interfaces against all sorts of panics is catch_unwind. Just use it within the top-level FFI method, try to downcast the FFI payload to String and &'static str (both are possible) and create your FFI error type from that.
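The pattern described in the comment above, written out as an added example (this is not code from the PR or from the flux repository). Every name here is hypothetical: `guard` wraps a call in `catch_unwind`, `panic_message` tries both payload types the standard library produces (`String` for formatted panics, `&'static str` for literal messages), and `flux_example_count` is a stand-in `extern "C"` entry point whose "parser" has a constructed latent panic so the conversion can be exercised. A panic must never unwind out of an `extern "C"` function, so the entry point validates its pointers and UTF-8 first and then reports any panic to the C caller as an ordinary error string.

```rust
use std::any::Any;
use std::ffi::{CStr, CString};
use std::os::raw::c_char;
use std::panic::{self, AssertUnwindSafe};

/// Turn a panic payload into a message. Rust panics carry either a `String`
/// (from `panic!("{}", x)`) or a `&'static str` (from `panic!("literal")`),
/// so both downcasts have to be tried before giving up.
pub fn panic_message(payload: Box<dyn Any + Send>) -> String {
    if let Some(s) = payload.downcast_ref::<String>() {
        s.clone()
    } else if let Some(s) = payload.downcast_ref::<&'static str>() {
        (*s).to_string()
    } else {
        String::from("panic with non-string payload")
    }
}

/// Run `f` and convert any panic into `Err(String)` instead of letting it
/// unwind across the FFI boundary.
pub fn guard<T>(f: impl FnOnce() -> Result<T, String>) -> Result<T, String> {
    match panic::catch_unwind(AssertUnwindSafe(f)) {
        Ok(result) => result,
        Err(payload) => Err(format!("internal error: {}", panic_message(payload))),
    }
}

/// Hypothetical library routine standing in for a parser (constructed for this
/// example): counts ';'-separated statements and deliberately panics on an
/// unbalanced brace, modelling a latent bug reachable from malformed input.
fn count_statements(src: &str) -> Result<usize, String> {
    if src.trim().is_empty() {
        return Err(String::from("empty program"));
    }
    let stmts: Vec<&str> = src.split(';').filter(|s| !s.trim().is_empty()).collect();
    for stmt in &stmts {
        let opens = stmt.matches('{').count();
        let closes = stmt.matches('}').count();
        if opens != closes {
            panic!("unbalanced braces in statement {:?}", stmt.trim());
        }
    }
    Ok(stmts.len())
}

/// Copy an error message into a heap-allocated C string owned by the caller.
fn to_c_string(msg: String) -> *mut c_char {
    // A C string cannot contain NUL; strip any rather than fail to report.
    let cleaned: String = msg.chars().filter(|&c| c != '\0').collect();
    CString::new(cleaned).expect("interior NUL removed above").into_raw()
}

/// Hypothetical C entry point. Returns 0 on success (count in `out_count`),
/// 1 on a reported error (message in `out_err`, release it with
/// `flux_example_free_error`), and 2 when the caller passed a null pointer.
#[no_mangle]
pub unsafe extern "C" fn flux_example_count(
    src: *const c_char,
    out_count: *mut usize,
    out_err: *mut *mut c_char,
) -> i32 {
    if src.is_null() || out_count.is_null() || out_err.is_null() {
        return 2; // nothing can be written back safely
    }
    // Validate the bytes before any library code sees them.
    let input = match CStr::from_ptr(src).to_str() {
        Ok(s) => s,
        Err(e) => {
            *out_err = to_c_string(format!("input is not valid UTF-8: {}", e));
            return 1;
        }
    };
    match guard(|| count_statements(input)) {
        Ok(n) => {
            *out_count = n;
            0
        }
        Err(msg) => {
            *out_err = to_c_string(msg);
            1
        }
    }
}

/// Release a string returned through `out_err`.
#[no_mangle]
pub unsafe extern "C" fn flux_example_free_error(err: *mut c_char) {
    if !err.is_null() {
        drop(CString::from_raw(err));
    }
}
```

`AssertUnwindSafe` is needed because the closure borrows `input`; the borrow is only read, so the assertion holds. The downcast order does not matter, but both are required: a panic raised with format arguments would fall through a `&'static str`-only check and be reported as a non-string payload, losing the message that explains which malformed input triggered it.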