Date: Tue, 10 Nov 2009 08:03:26 -0800 (PST) From: Nate Eldredge <nate@thatsmathematics.com> To: Alexander Best <alexbestms@wwu.de> Cc: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no>, Giorgos Keramidas <keramida@freebsd.org>, freebsd-hackers@freebsd.org Subject: Re: [patch] burncd: honour for envar SPEED Message-ID: <Pine.GSO.4.64.0911100756320.5432@zeno.ucsd.edu> In-Reply-To: <permail-200911101550071e86ffa800005ac8-a_best01@message-id.uni-muenster.de> References: <permail-200911101550071e86ffa800005ac8-a_best01@message-id.uni-muenster.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 10 Nov 2009, Alexander Best wrote: > ps: would be nice if strcasecmp could protect itself from segfault with one or > both of the args being NULL. I disagree. What do you think it should do instead? Return 0? If it did, would you have found your bug? The same argument could be made for any of the string.h functions, but I don't think it actually holds water. Such checks add overhead, and only provide an illusion of safety. Sure, strcasecmp could avoid causing the segfault itself, but at the cost of letting a broken program continue and possibly cause more damage. It could call abort(), but then you'd just have the same result (program terminates) with a different signal, and doing your check in software rather than letting the MMU hardware do it. It could print a message, but that pollutes the program's output, and 15 seconds debugging the core dump will reveal the problem anyway. Having a library function "protect itself" in this manner is not actually helpful, IMHO. -- Nate Eldredge nate@thatsmathematics.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.64.0911100756320.5432>