Skip to content

Fix critical error handling and resource management in C++ code#2

Merged
jvmvik merged 4 commits into
mainfrom
fix/cpp-error-handling
Jun 9, 2026
Merged

Fix critical error handling and resource management in C++ code#2
jvmvik merged 4 commits into
mainfrom
fix/cpp-error-handling

Conversation

@jvmvik

@jvmvik jvmvik commented Jun 9, 2026

Copy link
Copy Markdown
Contributor

Summary

This PR addresses critical error handling, resource management, and thread safety issues in the C++ client library. All changes are backwards compatible.

Critical Fixes

  • Null pointer checks: Validate callback inputs and CURL handle initialization
  • Integer overflow prevention: Safe size calculations in callback to prevent buffer issues
  • CURL error handling: Check curl_easy_perform() return value and report errors
  • JSON parsing validation: Use HasParseError() to detect and signal parsing failures
  • Memory allocation checks: Validate curl_easy_escape() allocations
  • Thread safety: Replace static bool with std::call_once for CURL initialization

Code Quality Improvements

  • Remove using namespace directives (best practice)
  • Use std::ostringstream for efficient string building
  • Proper cleanup of CURL resources on all error paths
  • Exception safety in callback function
  • Meaningful error messages instead of silent failures

API Additions

  • setTimeout(int seconds) method for configurable request timeouts

Test plan

  • Build project successfully with new code
  • Verify error handling with network failures
  • Test timeout configuration
  • Verify thread safety with concurrent requests (if applicable)

🤖 Generated with Claude Code

jvmvik and others added 4 commits February 12, 2026 22:09
@jvmvik
Fix release task: use 'v' prefix for tags and inject PKG_CONFIG_PATH …
0b53f0d 
…for dist-check.
@jvmvik @claude
Improve error handling and security in release task.
8aeed24 
- Add nil-check for version regex match with informative error message
- Use Shellwords.escape() to safely handle tag names in shell commands
- Fix PKG_CONFIG_PATH handling to properly escape paths with special characters
- Improves robustness against malformed configuration or injection attacks

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
@jvmvik @claude
Fix critical error handling and resource management in C++ code.
dc8ae3d 
**Critical Fixes:**
- Add null pointer checks in callback for input validation
- Check for integer overflow in callback size calculation
- Add CURL handle validation after curl_easy_init()
- Use std::call_once for thread-safe CURL global initialization
- Check curl_easy_perform() return value and report errors
- Validate JSON parse errors with HasParseError()
- Add null checks for curl_easy_escape() allocations
- Remove unused includes and 'using namespace' directives
- Add public setTimeout() method for configurable timeouts

**Improvements:**
- Use std::ostringstream for efficient URL parameter encoding
- Replace static bool with std::once_flag for thread safety
- Return meaningful error messages on failures
- Add exception safety in callback function
- Proper cleanup of CURL resources on all error paths

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
@jvmvik @claude
Fix missing closing namespace brace in callback.cpp
4458e92 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@jvmvik jvmvik merged commit 24b3e6d into main Jun 9, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jvmvik