Re: should asprintf and friends guarantee sane pointer on failure?
From: Jeffrey Walton
Subject: Re: should asprintf and friends guarantee sane pointer on failure?
Date: Mon, 29 Jul 2024 11:47:31 -0400

On Mon, Jul 29, 2024 at 11:37 AM Bruno Haible <bruno@clisp.org> wrote:
>
> Jeffrey Walton wrote:
> > You should consider making the interface easy to use correctly, and
> > hard to use incorrectly. That will help novice programmers avoid
> > mistakes.
>
> Novice programmers need to learn that they need to look at the return
> value. Once they have learned this, everything is easy.
Everyone makes mistakes, including expert programmers:
<https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=glibc>. Making the
function easy to use correctly, and hard to use incorrectly, serves
the best interest of the internet community.
> > In that light, set the ptr to NULL to make it as safe as possible.
>
> With the same argument, you could claim that functions that can set
> errno should always set errno to 0 when they succeed. So that
> users don't need to set 'errno = 0;' before the call, if they want
> to inspect errno after the call, regardless of the return value.
Jeff
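
The contract argued for in the message above, as an added example (not part of the original post, and not gnulib or glibc code): a wrapper that leaves the output pointer NULL on every failure path, so a caller who forgets to check the return value still ends up with a pointer that is safe to test and to free. The names asprintf_nullsafe, alloc_hook, failing_alloc and careless_caller are hypothetical; the wrapper is built on vsnprintf rather than the real asprintf so that an allocation failure can be simulated.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical allocation hook: lets the failure path run without exhausting memory. */
static void *(*alloc_hook)(size_t) = malloc;
static void *failing_alloc(size_t n) { (void)n; return NULL; }

/* Hypothetical wrapper with asprintf's return convention (length or -1).
   On return, *strp is either a valid heap string or NULL, never indeterminate. */
int asprintf_nullsafe(char **strp, const char *fmt, ...)
{
    va_list ap, ap2;
    int len;
    char *buf;

    *strp = NULL;                          /* defined value for every failure path */
    va_start(ap, fmt);
    va_copy(ap2, ap);
    len = vsnprintf(NULL, 0, fmt, ap);     /* first pass: measure the output */
    va_end(ap);
    if (len < 0) { va_end(ap2); return -1; }
    buf = alloc_hook((size_t)len + 1);
    if (buf == NULL) { va_end(ap2); return -1; }
    len = vsnprintf(buf, (size_t)len + 1, fmt, ap2);   /* second pass: format */
    va_end(ap2);
    if (len < 0) { free(buf); return -1; }
    *strp = buf;
    return len;
}

/* A caller that ignores the return value. Returns 1 if the pointer came back NULL. */
int careless_caller(int simulate_failure)
{
    static char stale;                     /* constructed stand-in for a stale pointer value */
    char *s = &stale;
    int was_null;

    alloc_hook = simulate_failure ? failing_alloc : malloc;
    asprintf_nullsafe(&s, "user=%s id=%d", "alice", 42);   /* result not checked */
    alloc_hook = malloc;
    was_null = (s == NULL);
    free(s);                               /* free(NULL) is a no-op, so this is safe either way */
    return was_null;
}

int main(void) { printf("%d %d\n", careless_caller(0), careless_caller(1)); return 0; }
```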