Re: CVS commit: basesrc

[Ross Harvey <ross%teraflop.com@localhost>]

> From: Bill Sommerfeld <sommerfeld%orchard.arlington.ma.us@localhost>
>
> > Jaromir Dolecek writes:
> > > Luke Mewburn wrote:
> > > > check dst and src aren't null pointers before trying to use them
> > > > enable strlcat/strlcpy
> > > 
> > > Please DO NOT check the dst and src whether they are null. Feedeing
> > > NULL pointer to it is a programming error and I strongly prefer
> > > sigsegving immedially than running into some other problem later.
> > > Lack of NULL check in libc routines helped me many times to uncover
> > > the real problem.
> > 
> > I beg to differ. Checking arguments before use is good practice. I've
> > seen enough cases of obscure behaviour that wasn't just a simple
> > `core dump' to know that helping the programmer by checking arguments
> > is worth it.
>
> Yes, but this argument checking is letting the program continue to run
> in the face of a fatal error... it may then produce erroneous results.
> Moreover, errors in code written on NetBSD may not be detected until
> the code is ported to other platforms which are less forgiving.
>
> Passing a NULL pointer to str* is an error; continuing to run in the
> face of an error (instead of, for instance, terminating the process)
> means that the system may end up computing erroneous results.
>
> If you feel the need to check arguments, I'd much prefer it if there
> was an abort() or equivalent instead of the "return 0".

"What they said". You see,  the HW does check the argument. You have actually
watered down the check, by now allowing the program to continue.

        ross.harvey%computer.org@localhost