Namazu-users-en(old)

[Carlos Soltero-Pales <carlos@xxxxxxxxx>]

NOKUBI Takatsugu wrote:
> Your suspection is roughly right, but not for field name. According to
> nmz/field.c, nmz_get_field_data is defined like the following:
>
> void
> nmz_get_field_data(int idxid, int docid, const char *field, char *data)
>
> So you can use constant string as field argument. I maintain
> Search::Namazu perl module and it also uses constant string.
> You can see it via ViewCVS:
> http://cvs.namazu.org/Search-Namazu/Namazu.xs?rev=1.18&content-type=text/vnd.viewcvs-markup
>
> Sorry for lack of documents about the library. I need more description
> about it but I have my hands full...

Understood.  Thanks for the information.  I believe the issue is in 
nmz/field.c around line 182:

	if (idxid == fc[i].idxid && docid == fc[i].docid &&
	    strcmp(tmpfield, fc[i].field) == 0)
	{  /* cache hit! */
	    nmz_debug_printf("field cache [%s] hit!\n", tmpfield);
	    strncpy(data, fc[i].data, BUFSIZE - 1);	/* data length should be BUFSIZE - 
1 */
	    return;
	}

The strncpy statement implies that data is of size BUFSIZE (which I 
believe was a buffer overflow fix).  If data is less than that (which 
was my case), then it will be overwritten by 0's, but only if there is a 
cache hit, like in the second search (which was my case).

I can't think of a good fix that does not involve passing the size of 
data as a function parameter.  Maybe somebody else can.  For now, I will 
just make data[BUFSIZE]. =)

	-Carlos