This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [patch] Error on setenv(..., NULL, ...)


On Wed, 11 Mar 2015, Paul Pluzhnikov wrote:

> Attached trivial patch makes setenv(..., NULL, ...) fail instead of
> producing "bad" environment. Tested on Linux/x86_64, no new failures.

The conventions at 
<https://sourceware.org/glibc/wiki/Style_and_Conventions#Error_Handling> 
say that "If it's user code invoking undefined behavior, then it should 
fail early and catastrophically ... That too trades off against any 
runtime cost of detecting the case.".  And, more specifically for null 
pointers, "If you're going to check for NULL pointer arguments where you 
have not entered into a contract to accept and interpret them, do so with 
an assert, not a conditional error return.".

So, if it's undefined behavior to pass NULL here, any detection should 
take the form of an assertion.

-- 
Joseph S. Myers
joseph@codesourcery.com
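
The two policies contrasted in the message above, as an added example that is not part of the original message or of glibc. `setenv_errret`, `setenv_assert` and `signal_from_assert_policy` are hypothetical names; the child process exists only so the abort can be observed.

```c
/* Added example: hypothetical wrappers (not glibc code) for a NULL value. */
#include <assert.h>
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Conditional error return: the caller's bug surfaces as -1/EINVAL and
   is silently lost if the return value is ignored. */
int setenv_errret(const char *name, const char *value, int overwrite)
{
    if (value == NULL) { errno = EINVAL; return -1; }
    return setenv(name, value, overwrite);
}

/* Assertion: NULL is a contract violation, so abort at the call site. */
int setenv_assert(const char *name, const char *value, int overwrite)
{
    assert(value != NULL);
    return setenv(name, value, overwrite);
}

/* Call setenv_assert(..., NULL, ...) in a child and return the signal
   that killed it (0 if it exited normally, -1 if fork/waitpid failed). */
int signal_from_assert_policy(void)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        close(STDERR_FILENO);   /* drop the assert diagnostic */
        setenv_assert("DEMO_VAR", NULL, 1);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    int r = setenv_errret("DEMO_VAR", NULL, 1), e = errno;
    printf("errret=%d errno=%d assert_abort=%d\n", r, e,
           signal_from_assert_policy() == SIGABRT);
    return 0;
}
```

Building with `-DNDEBUG` compiles the `assert` out, so the second wrapper then performs no check at all.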

