From: Alexander Best
Date: Tue, 10 Nov 2009 17:17:38 +0100 (CET)
To: Nate Eldredge
Cc: Dag-Erling Smørgrav, Giorgos Keramidas, freebsd-hackers@freebsd.org
Subject: Re: [patch] burncd: honour for envar SPEED

Nate Eldredge wrote on 2009-11-10:
> On Tue, 10 Nov 2009, Alexander Best wrote:

> >ps: would be nice if strcasecmp could protect itself from segfault
> >with one or both of the args being NULL.

> I disagree. What do you think it should do instead? Return 0? If
> it did, would you have found your bug?

> The same argument could be made for any of the string.h functions,
> but I don't think it actually holds water. Such checks add
> overhead, and only provide an illusion of safety. Sure, strcasecmp
> could avoid causing the segfault itself, but at the cost of letting
> a broken program continue and possibly cause more damage. It could
> call abort(), but then you'd just have the same result (program
> terminates) with a different signal, and doing your check in
> software rather than letting the MMU hardware do it. It could print
> a message, but that pollutes the program's output, and 15 seconds
> debugging the core dump will reveal the problem anyway.

> Having a library function "protect itself" in this manner is not
> actually helpful, IMHO.

> --

> Nate Eldredge
> nate@thatsmathematics.com

you're right. hundreds of functions cause segfaults when arg or args are NULL.
either we add safety checks for all of them (massive overhead) or just leave
them the way they are.

also: these functions aren't being used by regular users, but developers and
it's hard finding a developer who isn't experienced with dealing with NULL
pointers. ;) so problems with NULL pointers are usually fixed very quickly.

alex
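The trade-off discussed in this message, as an added example (not code from burncd or from anyone in the thread): a NULL-tolerant comparison that returns 0 makes an unset variable look like a match, while a check in the caller keeps the two cases apart. The function names, the sentinel values and the "max" keyword are assumptions made for the illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <strings.h>

#define SPEED_MAX_SENTINEL 0    /* hypothetical: "use the drive's maximum" */
#define SPEED_UNSET        (-1) /* hypothetical: variable not set */
#define SPEED_INVALID      (-2) /* hypothetical: value rejected */

/* Hypothetical wrapper that "protects itself": NULL compares as equal. */
static int lenient_strcasecmp(const char *a, const char *b)
{
    if (a == NULL || b == NULL)
        return 0;
    return strcasecmp(a, b);
}

/* With the lenient wrapper an unset variable (NULL) is indistinguishable
 * from SPEED=max, so the caller's bug keeps running with a wrong value. */
int speed_lenient(const char *env)
{
    if (lenient_strcasecmp(env, "max") == 0)
        return SPEED_MAX_SENTINEL;
    return env ? atoi(env) : SPEED_UNSET;
}

/* Check at the one place NULL can legitimately appear (getenv's result),
 * then validate the number fully instead of trusting atoi(). */
int speed_checked(const char *env)
{
    char *end;
    long v;
    if (env == NULL)
        return SPEED_UNSET;
    if (strcasecmp(env, "max") == 0)
        return SPEED_MAX_SENTINEL;
    errno = 0;
    v = strtol(env, &end, 10);
    if (errno != 0 || end == env || *end != '\0' || v <= 0 || v > INT_MAX)
        return SPEED_INVALID;
    return (int)v;
}

int main(void)
{
    return speed_checked(getenv("SPEED")) == SPEED_INVALID;
}
```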