On Fri, 09 May 2014 14:50:19 +0200
Hardening <rdp.eff...@gmail.com> wrote:

> Le 09/05/2014 12:20, Pekka Paalanen a écrit :
> > On Fri, 09 May 2014 15:21:51 +0530
> > Srivardhan <sri.heb...@samsung.com> wrote:
> >
> >>
> >>
> >>> -----Original Message-----
> >>> From: Pekka Paalanen [mailto:ppaala...@gmail.com]
> >>> Sent: Friday, May 09, 2014 3:09 PM
> >>> To: Srivardhan
> >>> Cc: 'Hardening'; wayland-devel@lists.freedesktop.org
> >>> Subject: Re: [PATCH] event: Cheking for NULL before dereferencing the
> >>> pointer.
> >>>
> >>> On Fri, 09 May 2014 14:56:14 +0530
> >>> Srivardhan <sri.heb...@samsung.com> wrote:
> >>>
> 
> [...]
> 
> >
> > Checking is one thing, silently hiding bugs is another thing.
> >
> > If NULL is a legal input, then of course it needs to be checked.
> >
> > If NULL can happen, but is a runtime error, the program needs to be
> > vocal about it, e.g. relay the error back to the caller.
> >
> > If API specification says NULL is not a valid input, putting an
> > assert() would be fine, since violating that is a programmer error in
> > the caller.
> >
> > I think wl_event_source_remove() falls into the last category. All
> > functions in wayland-util.h belong to this category, too.
> >
> 
> IMHO wl_event_source_remove() should take a wl_event_source ** as 
> parameter and set to NULL the event_source pointer (preventing anyone 
> to use it). Using eclipse call hierarchy, I've seen many places where 
> this extra precaution is not taken.
> I don't know if wl_event_source_remove() can be considered as part of 
> the libwayland API and so fixed in stone ?

If it is exported in a release, it is set in stone. And so it is.

Thanks,
pq
_______________________________________________
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/wayland-devel

Reply via email to