This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] Allocation buffers for NSS result construction


On 05/16/2017 07:22 PM, DJ Delorie wrote:
> 
> Florian Weimer <fweimer@redhat.com> writes:
>> Oh.  Well.  I don't think I want to paper over *that*.  A crash in 
>> strlen seems to be just fine, rather than ignoring the issue and perhaps 
>> returning grossly misleading data.
> 
> I think you misunderstand - I *intentionally* put bad data in the test
> data to make sure the code handles it without crashing, and passes it
> along accurately, and that the testsuite can detect and validate it.
> 
> A crash in strlen() means I can't use your code, or have to wrap it in
> my own checks because I can't trust it.

I don't quite understand what you are after.  I think if the code has to
deal with bad data, explicit checks are better than relying on fringe
behavior of library functions (printf and "(null)" is another example).

Please post example code, so that I can better understand your requirement.

Thanks,
Florian

