Subject: Re: CVS commit: basesrc
To: Luke Mewburn <lukem@goanna.cs.rmit.edu.au>
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
List: source-changes
Date: 09/10/1999 01:24:50
> Jaromir Dolecek writes:
> > Luke Mewburn wrote:
> > > check dst and src aren't null pointers before trying to use them
> > > enable strlcat/strlcpy
> > 
> > Please DO NOT check the dst and src whether they are null. Feeding
> > NULL pointer to it is a programming error and I strongly prefer
> > sigsegving immediately than running into some other problem later.
> > Lack of NULL check in libc routines helped me many times to uncover
> > the real problem.
> 
> I beg to differ. Checking arguments before use is good practice. I've
> seen enough cases of obscure behaviour that wasn't just a simple
> `core dump' to know that helping the programmer by checking arguments
> is worth it.

Yes, but this argument checking is letting the program continue to run
in the face of a fatal error... it may then produce erroneous results.
Moreover, errors in code written on NetBSD may not be detected until
the code is ported to other platforms which are less forgiving.

Passing a NULL pointer to str* is an error; continuing to run in the
face of an error (instead of, for instance, terminating the process)
means that the system may end up computing erroneous results.

If you feel the need to check arguments, I'd much prefer it if there
was an abort() or equivalent instead of the "return 0".

					- Bill
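
Added example (not part of the original message and not the NetBSD libc source): the two policies debated above, side by side, for a strlcpy-style copy given a NULL src. The names copy_strict, copy_lenient and strict_null_signal are hypothetical, and the "stale" buffer contents are constructed sample data.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical strict variant: strlcpy semantics, NULL argument -> abort(). */
size_t copy_strict(char *dst, const char *src, size_t siz)
{
    if (dst == NULL || src == NULL)
        abort();
    size_t len = strlen(src);
    if (siz != 0) {
        size_t n = len < siz ? len : siz - 1;   /* leave room for the NUL */
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;                                 /* len >= siz means truncation */
}

/* Hypothetical lenient variant: NULL argument -> "return 0", same value as copying "". */
size_t copy_lenient(char *dst, const char *src, size_t siz)
{
    return (dst == NULL || src == NULL) ? 0 : copy_strict(dst, src, siz);
}

/* Runs copy_strict(buf, NULL, ...) in a child; returns the killing signal, 0 on normal exit, -1 on error. */
int strict_null_signal(void)
{
    char buf[16] = "stale";
    int status;
    pid_t pid = fork();
    if (pid == 0) {
        copy_strict(buf, NULL, sizeof buf);
        _exit(0);                               /* only reached if abort() did not fire */
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    char buf[16] = "stale";                     /* constructed sample data */
    size_t r = copy_lenient(buf, NULL, sizeof buf);
    int sig = strict_null_signal();
    printf("lenient: returned %zu, buf still \"%s\"; strict: killed by signal %d\n", r, buf, sig);
    return 0;
}
```

With the lenient variant the caller gets 0 back and keeps working on whatever the buffer held before the call; with the strict variant the process stops at the faulty call site.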