I (Julian Foad) wrote:
> I suggest we follow up by doing both of:
>
> * Change the implementation to always add an extra byte to that requested,
>   to help buggy callers. This is valid because the number passed in is
>   already only a lower bound so callers can't assume that we don't
>   increase it.
>
> * Rev the API to 'svn_stringbuf_ensure2()' and document that the
>   caller doesn't have to allow for the trailing NUL.
>
> Of course the implementation of _ensure() and _ensure2() would then be
> identical. The point of adding one in the old _ensure() implementation is to
> help callers in third-party code, given that we've demonstrated a high
> chance of the existing API being misused. The point of defining the
> _ensure2() API is so we can cleanly change callers to not add 1, without
> them contradicting the old API. (It would add confusion for people reading
> the code if we removed the caller's "+1" and didn't rev the name.)

I'm following up with a patch in a new thread "[PATCH] String creation -- ensuring space for the NUL", <http://svn.haxx.se/dev/archive-2012-02/0415.shtml>.

- Julian
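An added illustration of the two contracts discussed in this message; it is not part of the original e-mail and is not Subversion's code. The type sbuf_t and every sbuf_* function are hypothetical, and sbuf_reserve_exact assumes an allocator that reserves exactly the size requested, which makes the missing "+1" visible as a one-byte shortfall.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical minimal buffer; NOT Subversion's svn_stringbuf_t. */
typedef struct { char *data; size_t len; size_t blocksize; } sbuf_t;

/* Strict reading of the old contract: caller's count must include the NUL. */
static int sbuf_reserve_exact(sbuf_t *s, size_t total_bytes)
{
    if (s->blocksize >= total_bytes) return 0;
    char *p = realloc(s->data, total_bytes);
    if (p == NULL) return -1;
    s->data = p;
    s->blocksize = total_bytes;
    return 0;
}

/* Proposed contract: count is payload only; the NUL byte is added here. */
static int sbuf_ensure2(sbuf_t *s, size_t payload_len)
{
    if (payload_len == SIZE_MAX) return -1;   /* +1 would wrap to 0 */
    return sbuf_reserve_exact(s, payload_len + 1);
}

/* Bytes the buffer is short if n payload bytes plus a NUL are stored. */
static size_t sbuf_shortfall(const sbuf_t *s, size_t n)
{
    return (n + 1 > s->blocksize) ? (n + 1 - s->blocksize) : 0;
}

/* Store n bytes and terminate; in bounds because ensure2 reserved n + 1. */
static int sbuf_set(sbuf_t *s, const char *bytes, size_t n)
{
    if (sbuf_ensure2(s, n) != 0) return -1;
    memcpy(s->data, bytes, n);
    s->data[n] = '\0';
    s->len = n;
    return 0;
}

int main(void)
{
    sbuf_t old = {0}, fixed = {0};
    sbuf_reserve_exact(&old, 5);   /* caller forgot the "+1" for "hello" */
    int ok = sbuf_shortfall(&old, 5) == 1 && sbuf_set(&fixed, "hello", 5) == 0;
    free(old.data); free(fixed.data);
    return ok ? 0 : 1;
}
```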