Permission: refactor getPermissionFromPassword() to return std::optional

This replaces the output parameter (which is bad API design).  As a
side effect, it fixes the bad [[gnu::pure]] attribute added by commit
a636d2127 which caused optimizing compilers to miscompile calls to
that function.  "Pure" functions can be assumed to have no output
arguments, so the compiler can assume the function doesn't modify
them.

Closes https://github.com/MusicPlayerDaemon/MPD/issues/1282
This commit is contained in:
Max Kellermann 2021-10-17 19:50:59 +02:00
parent 6a2e7bbc02
commit 907af2ad02
4 changed files with 16 additions and 10 deletions

1
NEWS
View File

@ -1,5 +1,6 @@
ver 0.23.1 (not yet released) ver 0.23.1 (not yet released)
* fix libfmt linker problems * fix libfmt linker problems
* fix broken password authentication
ver 0.23 (2021/10/14) ver 0.23 (2021/10/14)
* protocol * protocol

View File

@ -161,15 +161,14 @@ GetPermissionsFromAddress(SocketAddress address) noexcept
#endif #endif
int std::optional<unsigned>
getPermissionFromPassword(const char *password, unsigned *permission) noexcept GetPermissionFromPassword(const char *password) noexcept
{ {
auto i = permission_passwords.find(password); auto i = permission_passwords.find(password);
if (i == permission_passwords.end()) if (i == permission_passwords.end())
return -1; return std::nullopt;
*permission = i->second; return i->second;
return 0;
} }
unsigned unsigned

View File

@ -22,6 +22,8 @@
#include "config.h" #include "config.h"
#include <optional>
struct ConfigData; struct ConfigData;
class SocketAddress; class SocketAddress;
@ -32,9 +34,13 @@ static constexpr unsigned PERMISSION_CONTROL = 4;
static constexpr unsigned PERMISSION_ADMIN = 8; static constexpr unsigned PERMISSION_ADMIN = 8;
static constexpr unsigned PERMISSION_PLAYER = 16; static constexpr unsigned PERMISSION_PLAYER = 16;
/**
* @return the permissions for the given password or std::nullopt if
* the password is not accepted
*/
[[gnu::pure]] [[gnu::pure]]
int std::optional<unsigned>
getPermissionFromPassword(const char *password, unsigned *permission) noexcept; GetPermissionFromPassword(const char *password) noexcept;
[[gnu::const]] [[gnu::const]]
unsigned unsigned

View File

@ -58,13 +58,13 @@ handle_binary_limit(Client &client, Request args,
CommandResult CommandResult
handle_password(Client &client, Request args, Response &r) handle_password(Client &client, Request args, Response &r)
{ {
unsigned permission = 0; const auto permission = GetPermissionFromPassword(args.front());
if (getPermissionFromPassword(args.front(), &permission) < 0) { if (!permission) {
r.Error(ACK_ERROR_PASSWORD, "incorrect password"); r.Error(ACK_ERROR_PASSWORD, "incorrect password");
return CommandResult::ERROR; return CommandResult::ERROR;
} }
client.SetPermission(permission); client.SetPermission(*permission);
return CommandResult::OK; return CommandResult::OK;
} }