Don't use strtok(3)

[haesbaert]

strtok(3) is not re-entrant, use strtok_r(3).

--

strtok(3) will break on multithreaded programs, basically anyone using the watch callback would break on multithreaded.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: haesbaert
Once this PR has been reviewed and has the lgtm label, please assign brendandburns for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[linux-foundation-easycla]

• ❌ - login: @haesbaert / name: Christiano Haesbaert . The commit (1ff9572, 67b1083) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.

[k8s-ci-robot]

Welcome @haesbaert!

It looks like this is your first PR to kubernetes-client/c 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-client/c has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[brendandburns]

nit: please set to explicit NULL

[brendandburns]

here too wrt NULL

[brendandburns]

small request for explicit NULL for the last variables, otherwise LGTM.

You also need to sign the CLA.

[ityuhui]

strtok_r is not implemented on Windows.
Use conditional compilation to avoid build failures on Windows

For example, in this project:

#ifndef _WIN32

or

check_symbol_exists(secure_getenv "stdlib.h" HAVE_SECURE_GETENV)

#if defined(HAVE_SECURE_GETENV)

[haesbaert]

small request for explicit NULL for the last variables, otherwise LGTM.

You also need to sign the CLA.

Fixed the nit, I need to get approval for the CLA, will come back to you, meanwhile I fixed another bug, see below.

[haesbaert]

strtok_r is not implemented on Windows. Use conditional compilation to avoid build failures on Windows

For example, in this project:

#ifndef _WIN32

or

check_symbol_exists(secure_getenv "stdlib.h" HAVE_SECURE_GETENV)

#if defined(HAVE_SECURE_GETENV)

Thanks, I've added a check for HAVE_STRTOK_R, which also made me realize the test for HAVE_STRNDUP was broken as utils.c never included "config.h". I'm falling back from strtok_r to strtok, if that's not good enough, I'd suggest copying the one from OpenBSD since it's simple enough and it's BSD3 licensed.

[ityuhui]

Hi @haesbaert

Thanks for the PR! I recommend:

check_symbol_exists(secure_getenv "stdlib.h" HAVE_STRTOK_R)

    char *p = NULL;
    char *last = NULL;
#if defined(HAVE_STRTOK_R)
    p = strtok_r(dup_token_string, OIDC_ID_TOKEN_DELIM, &last);  /* jwt header */
#else
    p = strtok(dup_token_string, OIDC_ID_TOKEN_DELIM); /* jwt header */
#endif
    if (!p) {
        fprintf(stderr, "%s: The token <%s> is not a valid JWT token.\n", fname, token_string);
        goto end;
    }
#if defined(HAVE_STRTOK_R)
    p = strtok_r(NULL, OIDC_ID_TOKEN_DELIM, &last);  /* jwt part2 */
#else
    p = strtok(NULL, OIDC_ID_TOKEN_DELIM); /* jwt part2 */
#endif
    if (!p) {
        fprintf(stderr, "%s: The token <%s> is not a valid JWT token.\n", fname, token_string);
        goto end;

Just like HAVE_SECURE_GETENV and HAVE_GETENV do.

What do you think ?