[PATCH] improve speed and correctness of GUID string parsing
douglas.bagnall at catalyst.net.nz
Thu Dec 8 20:30:17 UTC 2016
In the code that parses guid strings in librpc/ndr/uuid.c (and other
places), we accept a large family of guid-like non-guids as guids.
This patch stops that and makes the parsing of true guids much
The old code used sscanf() where we appear to mistakenly expect formats
like "%04x" to match only the strings that printf() would produce when
given it (in this case four hex characters padded with leading zeros,
like "abcd" or "0002"). But sscanf doesn't work like that: the "0" is
interpreted as part of the number, not as a flag, and it matches any
sequence of up to four characters that could possibly be a hex number.
That includes strings like " 033", "0x2A", "-4 ", which (though I
admit to not looking up RFCs) are not normally expected to occur in
We never noticed this because our test for invalid guids only tried a
single un-guid-like string ("bla").
I came to this chasing performance. In my ldap.ad_dc_performance tests
parsing GUIDs was taking 7.8% of the overall time. These patches
reduce that to 2.8%.
I see similar GUID routines in nsswitch/libwbclient/wbc_guid.c and
source4/dsdb/common/util.c, and many other places where we use "%0" in
sscanf expecting it to mean something.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 9838 bytes
Desc: not available
More information about the samba-technical