Subject: Re: CVS commit: src/libexec/comsat
To: Jarle Greipsland <email@example.com>
From: Bill Studenmund <firstname.lastname@example.org>
Date: 09/21/2003 10:07:35
On Sun, 21 Sep 2003, Jarle Greipsland wrote:
> Bill Studenmund <wrstuden@NetBSD.org> writes:
> > On Fri, 19 Sep 2003 email@example.com wrote:
> > > if we leave bad practice in code people would cut-and-paste it and use
> > > it, causing bad mistakes. so i am being pedantic.
> > Wouldn't it be sufficient to just add a comment saying that this behavior
> > is ok because we exit if there's a failure?
> What if an application had registered one or more functions with
> atexit(3)? Granted, the comsat application does not, and it is
> fairly small and can be understood fairly easily. However, for
> bigger applications, this might not be the case, and some
> programmer might decide to introduce the clearing of memory on
> exit using an atexit-function, without performing an audit of the
> code pattern for all instances of realloc() in the application.
So just because a programmer _might_ do something, and because she or he
_might_ not audit things, we have to change perfectly reasonable code?
That sounds really bogus.
This kind of change does not remove the problem of programmers not using
realloc() right in the face of memory clearing, it just papers over it.
Wouldn't it make more sense to actually make folks _understand_ what is