On Fri, 09 May 2014 14:50:19 +0200 Hardening <rdp.eff...@gmail.com> wrote:
> Le 09/05/2014 12:20, Pekka Paalanen a écrit : > > On Fri, 09 May 2014 15:21:51 +0530 > > Srivardhan <sri.heb...@samsung.com> wrote: > > > >> > >> > >>> -----Original Message----- > >>> From: Pekka Paalanen [mailto:ppaala...@gmail.com] > >>> Sent: Friday, May 09, 2014 3:09 PM > >>> To: Srivardhan > >>> Cc: 'Hardening'; wayland-devel@lists.freedesktop.org > >>> Subject: Re: [PATCH] event: Cheking for NULL before dereferencing the > >>> pointer. > >>> > >>> On Fri, 09 May 2014 14:56:14 +0530 > >>> Srivardhan <sri.heb...@samsung.com> wrote: > >>> > > [...] > > > > > Checking is one thing, silently hiding bugs is another thing. > > > > If NULL is a legal input, then of course it needs to be checked. > > > > If NULL can happen, but is a runtime error, the program needs to be > > vocal about it, e.g. relay the error back to the caller. > > > > If API specification says NULL is not a valid input, putting an > > assert() would be fine, since violating that is a programmer error in > > the caller. > > > > I think wl_event_source_remove() falls into the last category. All > > functions in wayland-util.h belong to this category, too. > > > > IMHO wl_event_source_remove() should take a wl_event_source ** as > parameter and set to NULL the event_source pointer (preventing anyone > to use it). Using eclipse call hierarchy, I've seen many places where > this extra precaution is not taken. > I don't know if wl_event_source_remove() can be considered as part of > the libwayland API and so fixed in stone ? If it is exported in a release, it is set in stone. And so it is. Thanks, pq _______________________________________________ wayland-devel mailing list wayland-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/wayland-devel
