tech-userlevel archive


Re: two modifications to dd(1)



On Dec 9, 2010, at 9:54 55PM, enami tsugutomo wrote:

> Iain Hibbert <plunky%rya-online.net@localhost> writes:
> 
>> <tsugutomo.enami%jp.sony.com@localhost> wrote:
>>> 1) Copy argument before modifying it so that ps(1) shows entire
>>>  options.
>> 
>> wrt this, is it worth not exiting for strdup() failure? I mean, the consequences
>> are not fatal because we can fall back to using the argv string directly..
> 
> Anyway, dd tries to allocate buffer for i/o later.  Of course it may
> succeed even if allocation here fails, but it depends on malloc
> implementation and I guess it is quite a rare case.
> 
To quote a friend of mine, "don't optimize for the error case".  That strdup() 
is very unlikely to fail.  If it does fail, the odds are very high that the 
buffer allocation -- essential -- will fail as well.  Why add complexity to the 
code to recover from an improbable error, especially when it's hard to test the 
recovery code without tweaking the source?

Were the error moderately probable and the mainline code likely to succeed, it 
would be worth discussing how to make the command easily testable.  And it's 
certainly correct to detect the error and print an appropriate diagnostic.  But 
go to some trouble to keep running here?  To me, that's very clearly not worth 
it.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb