On Tue, 7 Jul 1998, Dean Takemori wrote:
>Angus Mezick <angus@EDGIL.CCMAIL.COMPUSERVE.COM> wrote:
>>why are you trying to call CREATE with 0 or a negative number anyway? C will
>
>num = strlen(somestring) + 1;
>accidentally_zero_num();
>p = (char*)malloc(num);
>if (p == NULL) { abort(); }
>
>Contrived example addmittedly, but this will bomb immediately on
>some systems and silently corrupt memory in others.
The point being, if the program asked for 0 bytes, it should use 0 bytes.
That may sound a bit strange, but it's what you do with malloc() already.
You ask for 50 bytes, you use 50 bytes or less. Ask for 0 bytes and use 0
bytes or less. Chances are you'll crash anyway if you overwrite a pointer
to 0 bytes.
>"d. hall" <dhall@OOI.NET> wrote:
>>Quite a few programmers make wrappers for malloc to one: assert(3) that
>>requested length is > 0, and if the return is non-null. Quite of few
>
>And this is what CREATE() is, so we should be complete and check for
>num > 0. Values that when cast to signed are negative are another
>issue.
Why check for 'num > 0'? Perhaps you mean MSB set?
eh, might as well
--
George Greer, greerga@circlemud.org | Genius may have its limitations, but
http://patches.van.ml.org/ | stupidity is not thus handicapped.
http://www.van.ml.org/CircleMUD/ | -- Elbert Hubbard
+------------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
+------------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/15/00 PST