MG> Hi all,
MG>
MG> A mental lapse during the use of recvfrom brought up a question about
MG> argument error checking. Here is the offending snippet of code
MG>
MG> if (recvfrom(s, reply, &len, 0, &dest, &dest_len) == -1) {
MG> ...
MG> }
MG>
MG> You will note that I supplied the address of the length of the reply
MG> buffer rather than the length itself. Thanks to C's cavalier attitude
MG> about pointers and integers, the pointer silently became a negative
MG> int. The call did not fail but no data was received.
MG>
MG> It seems to me that a negative buffer size is never acceptable and
MG> hence recvfrom should have returned -1 and set errno to EINVAL to
MG> alert me to my stupidity. My question: should the few lines of code
MG> necessary to perform the check be inserted?
Great topic! I suggest reading 'programming by contract' articles by
Bertrand Meyer (OOSC or papers), or at least, BetterC philosophy
<www-scf.usc.edu/~moissetd>
Routine preconditions (requirements) would have saved you a lot of time.
Matias.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
