Date: Thu, 30 Apr 2015 01:08:42 +0200
From: Mariusz Zaborski <oshogbo@FreeBSD.org>
To: Garrett Cooper <yaneurabeya@gmail.com>
Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: Re: svn commit: r282252 - head/lib/libcapsicum
Message-ID: <CAGOYWV81wyzEg7i6aYSHUHTYc0HXaF21v0ynGTbkvtuwCPe5Hg@mail.gmail.com>
In-Reply-To: <8E2140D8-E008-4A9D-A628-1FA4693A8797@gmail.com>
References: <201504292219.t3TMJeGn071528@svn.freebsd.org> <8E2140D8-E008-4A9D-A628-1FA4693A8797@gmail.com>
On 30 April 2015 at 01:00, Garrett Cooper <yaneurabeya@gmail.com> wrote:
> On Apr 29, 2015, at 15:19, Mariusz Zaborski <oshogbo@FreeBSD.org> wrote:
>
> > Author: oshogbo
> > Date: Wed Apr 29 22:19:40 2015
> > New Revision: 282252
> > URL: https://svnweb.freebsd.org/changeset/base/282252
> >
> > Log:
> >   Remove the use of nvlist_.*[vf] functions from libcapsicum and replace
> >   them with snprintf(3). Assert the results of snprintf(3).
> >
> >   Approved by:  pjd (mentor)
>
> assert(3) can be compiled out with NDEBUG, causing memory
> corruption on memory allocation failure or snprintf-related failure. Is
> using assert a good idea?
> Thanks!
> -NGie
>

In my opinion it's only a sanity check for developers. We do not assume that snprintf(3) will fail under those conditions - the buffer is far bigger than the max value stored there (name (4) + MAX_UINT (21) = 25, buffer is declared 64). But it could fail if some developer changes the name of the variable and forgets to resize the array. So like I say, it's only a sanity check.

Thanks,
Mariusz Zaborski
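The point raised in the thread is that a check expressed as assert(3) vanishes when the code is built with NDEBUG, so a truncated snprintf(3) result would go unnoticed in a release build. The following is an added example, not libcapsicum code and not from either author: it formats a "prefix + unsigned number" key the way the commit message describes, sizes the buffer from the widest value snprintf(3) can produce, and reports truncation through the return value so the check survives NDEBUG. The names format_key, key_bufsz_needed and the "fd" prefix are hypothetical.

```c
#include <assert.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical buffer size, chosen the way the thread describes: a short
 * name plus the decimal form of an unsigned integer, with plenty of headroom.
 */
#define KEY_BUFSZ 64

/*
 * Bytes needed to hold "<prefix><UINT_MAX>" plus the terminating NUL.
 * Computed from snprintf(3) itself, so it stays right if the type changes.
 */
size_t
key_bufsz_needed(const char *prefix)
{
	int digits = snprintf(NULL, 0, "%u", UINT_MAX);

	return (strlen(prefix) + (size_t)digits + 1);
}

/*
 * Build "<prefix><id>" into buf.  Returns 0 on success and -1 when the
 * formatted string would not fit or snprintf(3) reports an error.  This
 * check is ordinary control flow, so it is still compiled in under NDEBUG.
 */
int
format_key(char *buf, size_t bufsz, const char *prefix, unsigned int id)
{
	int n;

	n = snprintf(buf, bufsz, "%s%u", prefix, id);
	if (n < 0 || (size_t)n >= bufsz) {
		/* Leave a defined, empty string rather than a truncated key. */
		if (bufsz > 0)
			buf[0] = '\0';
		return (-1);
	}
	return (0);
}

/*
 * Developer-only variant: the assertion documents the intent, but a caller
 * must not rely on it, since -DNDEBUG removes it entirely.
 */
int
format_key_assert(char *buf, size_t bufsz, const char *prefix, unsigned int id)
{
	int n;

	n = snprintf(buf, bufsz, "%s%u", prefix, id);
	assert(n >= 0 && (size_t)n < bufsz);
	return (n);
}

/*
 * Self-check over constructed inputs: a comfortable buffer, the largest
 * possible id, and a deliberately undersized buffer.  Returns 1 when every
 * case behaves as expected, 0 otherwise.
 */
int
run_checks(void)
{
	char buf[KEY_BUFSZ];
	char small[4];

	if (format_key(buf, sizeof(buf), "fd", 7u) != 0)
		return (0);
	if (strcmp(buf, "fd7") != 0)
		return (0);
	if (format_key(buf, sizeof(buf), "fd", UINT_MAX) != 0)
		return (0);
	if (strlen(buf) + 1 != key_bufsz_needed("fd"))
		return (0);
	/* Truncation must be reported, and the buffer left as "". */
	if (format_key(small, sizeof(small), "fd", UINT_MAX) != -1)
		return (0);
	if (small[0] != '\0')
		return (0);
	return (1);
}
```

The release-build behaviour is the difference that matters: with format_key the caller sees -1 and can fail closed, while format_key_assert returns whatever snprintf(3) reported and silently hands back a truncated key once the assertion is compiled out.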