Date: Wed, 20 Jun 2012 09:36:51 -0700
From: Colin Percival <cperciva@freebsd.org>
To: Bruce Evans <brde@optusnet.com.au>
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Eitan Adler <eadler@freebsd.org>
Subject: Re: svn commit: r237286 - head/lib/libc/gen
Message-ID: <4FE1FC23.9000904@freebsd.org>
In-Reply-To: <20120621015220.J2636@besplex.bde.org>
References: <201206200638.q5K6cg7u024024@svn.freebsd.org> <20120621015220.J2636@besplex.bde.org>
On 06/20/12 09:27, Bruce Evans wrote:
> On Wed, 20 Jun 2012, Eitan Adler wrote:
>> Log:
>> Don't close an uninitialized descriptor. [1]
>> Add a sanity check for the validity of the passed fd.
>
> Library functions shouldn't use assert() or abort().

Why not?

> The fd is not passed, but is a static variable under syslog()'s control.

I understood "passed fd" to mean "fd we're passing to _close".

>> closelog(void)
>> {
>> THREAD_LOCK();
>> - (void)_close(LogFile);
>> - LogFile = -1;
>> + assert(LogFile >= -1);
>
> Since this assert() can't fail (unless the CPU has a parity error or
> the memory behind Logfile has a parity error or another memory error
> or was clobbered by a buffer overrun), this assert() doesn't break the
> library but just wastes space.

I asked eadler to include that on the basis that it made the code easier
to understand.

--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
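Review bot: as quoted, the hunk removes `(void)_close(LogFile);` and `LogFile = -1;` and adds only `assert(LogFile >= -1);`, so the excerpt shows no path that closes an open descriptor or resets LogFile afterwards; the guard the log message describes ("Don't close an uninitialized descriptor") would be an explicit `if (LogFile != -1)` around the `_close()` and the reset, which this quote does not include and which should be confirmed against the full diff. The assert() itself only fires for values below -1, which, as Bruce notes, syslog's own code never produces, and it is compiled out entirely when NDEBUG is defined, so it documents the invariant (LogFile is -1 or a valid descriptor) rather than enforcing anything; a comment stating that invariant would carry the same information without adding an abort() path to a libc function.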
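To make the distinction in the thread concrete (the guard that prevents closing a never-opened descriptor versus the assert that merely records the invariant), here is an added example written for this page; it is not FreeBSD's libc code, the names `log_fd`, `demo_openlog`, `demo_closelog` and `demo_log_is_open` are hypothetical, `/dev/null` stands in for the real log target so it runs anywhere, and the THREAD_LOCK() from the original is left out.

```c
/* Added example (not FreeBSD's libc code): a closelog()-style routine
 * that keeps the log descriptor in a static, closes it only when one is
 * actually open, and records the invariant with an assert().
 * Names (log_fd, demo_openlog, demo_closelog, demo_log_is_open) are
 * hypothetical. */
#include <assert.h>
#include <fcntl.h>
#include <unistd.h>

/* Invariant: log_fd is either -1 (nothing open) or a valid descriptor.
 * Only this file's functions touch it, so a value below -1 can only come
 * from memory corruption; the assert() in demo_closelog() documents the
 * invariant and is compiled out entirely when NDEBUG is defined. */
static int log_fd = -1;

/* Open the "log" target (/dev/null here so the example runs anywhere).
 * Returns 0 on success, -1 if open() failed. A second call leaves an
 * already-open descriptor alone instead of leaking it. */
int demo_openlog(void)
{
    if (log_fd != -1)
        return 0;
    log_fd = open("/dev/null", O_WRONLY);
    return log_fd == -1 ? -1 : 0;
}

/* Close the log descriptor if one is open. Returns 1 if a descriptor was
 * closed, 0 if there was nothing to close. The explicit guard, not the
 * assert(), is what prevents close(-1) when the log was never opened. */
int demo_closelog(void)
{
    assert(log_fd >= -1);
    if (log_fd == -1)
        return 0;
    (void)close(log_fd);
    log_fd = -1;
    return 1;
}

/* Report whether a descriptor is currently open, so a caller can check
 * the state without reaching into the static. */
int demo_log_is_open(void)
{
    return log_fd != -1;
}

int main(void)
{
    int r1 = demo_closelog();  /* 0: nothing open, no close(-1) issued */
    (void)demo_openlog();
    int r2 = demo_closelog();  /* 1: the open descriptor was closed */
    int r3 = demo_closelog();  /* 0: closing twice is harmless */
    return (r1 == 0 && r2 == 1 && r3 == 0) ? 0 : 1;
}
```

Calling `demo_closelog()` before any open returns 0 without touching a descriptor, and calling it twice after an open closes the descriptor exactly once; the assert never changes that behaviour, it only makes the expected range of `log_fd` visible to the reader.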