Defensively terminate the output buffer on error.

Suggested by Scott

Author: katef

include/re/groups.h

@@ -44,6 +44,9 @@ struct re_pos;
  *
  * outs may be NULL in which case outn must be 0, and no
  * output is made.
+ *
+ * On error the function returns false and the output
+ * buffer is indeterminate.
  */
 bool
 re_interpolate_groups(const char *fmt, char esc,

src/libre/re_interpolate_groups.c

@@ -37,6 +37,7 @@ re_interpolate_groups(const char *fmt, char esc,
 	struct re_pos *start, struct re_pos *end)
 {
 	unsigned group; // 0 meaning group0, 1 meaning groupv[0], etc
+	char *outs_orig;
 	const char *p;
 
 	enum {
@@ -53,6 +54,8 @@ re_interpolate_groups(const char *fmt, char esc,
 	state = STATE_LIT;
 	group = 0;
 
+	outs_orig = outn > 0 ? outs : NULL;
+
 	if (start != NULL) {
 		start->byte = 0;
 	}
@@ -186,6 +189,10 @@ re_interpolate_groups(const char *fmt, char esc,
 		end->byte = p - fmt;
 	}
 
+	if (outs_orig != NULL) {
+		*outs_orig = '\0';
+	}
+
 	return false;
 }
 

tests/re_interpolate_groups/re_interpolate_groups1.c

@@ -24,13 +24,19 @@ test_err(const char *fmt, size_t groupc, const char *groupv[], const char *ne,
 
 	assert(fmt != NULL);
 
+	outs[0] = 'x';
+
 	/* for these tests we're expecting to error */
 	if (re_interpolate_groups(fmt, '$', "<g0>", groupc, groupv, ne, outs, sizeof outs, &start, &end)) {
 		printf("%s/%zu XXX\n", fmt, groupc);
 		failed++;
 		return;
 	}
 
+	if (outs[0] != '\0') {
+		failed++;
+	}
+
 	failed += rs = expected_start != start.byte;
 	failed += re = expected_end   != end.byte;