|author||Elliott Hughes <firstname.lastname@example.org>||Mon Dec 16 16:16:16 2019 -0800|
|committer||Elliott Hughes <email@example.com>||Tue Dec 17 08:39:09 2019 -0800|
Fix SEGV in libziparchive with malformed zip file. d77c99ebc3d896501531e9522b690c4a0e971aff changed MappedFile to return a bogus zero-length mapping on failure rather than nullptr. None of the calling code was changed, though, and it seems like doing so would be a bad idea. Revert that part of the change. Add missing tests, and tidy up some of the logging. Also remove single-use or obfuscatory constants from the tests. The new "empty.zip" was created by using zip(1) to create a zip file with one entry, then using `zip -d` to remove it. The new "zero-size-cd.zip" was created by using zip(1) to create a zip file containing a single empty file, and then hex editing the two byte "size of the central directory" field in the "end of central directory record" structure at the end of the file. (This is equivalent to, but much smaller than, the example zip file provided by the bug reporter.) Bug: http://b/145925341 Test: treehugger Change-Id: Iff64673bce7dae886ccbc9dd6c2bbe18de19f9d2
This library is a collection of convenience functions to make common tasks easier and less error-prone.
In this context, “error-prone” covers both “hard to do correctly” and “hard to do with good performance”, but as a general purpose library, libbase's primary focus is on making it easier to do things easily and correctly when a compromise has to be made between “simplest API” on the one hand and “fastest implementation” on the other. Though obviously the ideal is to have both.
The intention is to cover the 80% use cases, not be all things to all users.
If you have a routine that‘s really useful in your project, congratulations. But that doesn’t mean it should be here rather than just in your project.
The question for libbase is “should everyone be doing this?”/“does this make everyone's code cleaner/safer?”. Historically we've considered the bar for inclusion to be “are there at least three unrelated projects that would be cleaned up by doing so”.
If your routine is actually something from a future C++ standard (that isn‘t yet in libc++), or it’s widely used in another library, that helps show that there's precedent. Being able to say “so-and-so has used this API for n years” is a good way to reduce concerns about API choices.
Unlike most Android code, code in libbase has to build for Mac and Windows too.
Code here is also expected to have good test coverage.
By its nature, it‘s difficult to change libbase API. It’s often best to start using your routine just in your project, and let it “graduate” after you're certain that the API is solid.