diff options
author | Ed Tanous <edtanous@google.com> | 2021-03-22 22:58:00 +0300 |
---|---|---|
committer | Ed Tanous <edtanous@google.com> | 2021-03-31 23:34:18 +0300 |
commit | 0c15c33e0ed36ffedf4905aa671cddbcdcc3d04d (patch) | |
tree | e4792604a300bf1ebbe1a7c0abf7f665d151fa1c /COMMON_ERRORS.md | |
parent | f6f97199eb879540fb807645795149a7f6b9ae35 (diff) | |
download | bmcweb-0c15c33e0ed36ffedf4905aa671cddbcdcc3d04d.tar.xz |
Add common error for imprecise matching
Lots of commits recently seem to make this error. Having this
documented should hopefully reduce the likelihood people make these
mistakes.
Tested:
Documentation only.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I72cfc06aee9d687c26aa095353c414193d5d9ce7
Diffstat (limited to 'COMMON_ERRORS.md')
-rw-r--r-- | COMMON_ERRORS.md | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/COMMON_ERRORS.md b/COMMON_ERRORS.md index 054d38c6f7..7b0d4d6346 100644 --- a/COMMON_ERRORS.md +++ b/COMMON_ERRORS.md @@ -238,3 +238,36 @@ BMCWEB_ROUTE("/myendpoint/<str>", Note: A more general form of this rule is that no handler should ever return 500 on a working system, and any cases where 500 is found, can immediately be assumed to be [a bug in either the system, or bmcweb.](https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#error-handling) + +### 12. Imprecise matching +```C++ +void isInventoryPath(const std::string& path){ + if (path.find("inventory")){ + return true; + } + return false; +} +``` +When matching dbus paths, HTTP fields, interface names, care should be taken to +avoid doing direct string containment matching. Doing so can lead to errors +where fan1 and fan11 both report to the same object, and cause behavior breaks +in subtle ways. + +When using dbus paths, rely on the methods on sdbusplus::message::object\_path. +When parsing HTTP field and lists, use the RFC7230 implementations from +boost::beast. + +Other commonly misused methods are: +boost::iequals. Unless the standard you're implementing (as is the case in some +HTTP fields) requires case insensitive comparisons, casing should be obeyed, +especially when relying on user-driven data. + +- boost::starts\_with +- boost::ends\_with +- std::string::starts\_with +- std::string::ends\_with +- std::string::rfind + +The above methods tend to be misused to accept user data and parse various +fields from it. In practice, there tends to be better, purpose built methods +for removing just the field you need. |