Hello, Milos Nikic, le mer. 21 janv. 2026 21:19:52 -0800, a ecrit: > It can return EINVAL instead. > This improves the stability of the system and DX of an inexperienced > programmer at a minor cost of a simple if statement.
Well, that's a slippy rope. You could argue just the same for all parameters and end up with a flurry of tests. Not checking for null parameters is a common pattern in C. Yes, you will get a crash, but that's easy to look up in gdb. Samuel > Example call to: > error_t err = diskfs_lookup (node, ".", LOOKUP, &child, NULL, NULL); > > Before this fix: > System crash, needs a restart... > After this fix: > err = EINVAL > --- > libdiskfs/lookup.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/libdiskfs/lookup.c b/libdiskfs/lookup.c > index 201613c3..0f23cbe8 100644 > --- a/libdiskfs/lookup.c > +++ b/libdiskfs/lookup.c > @@ -63,6 +63,7 @@ > > Return ENOTDIR if DP is not a directory. > Return EACCES if CRED isn't allowed to search DP. > + Return EINVAL if CRED is 0. > Return EACCES if completing the operation will require writing > the directory and diskfs_checkdirmod won't allow the modification. > Return ENOENT if NAME isn't in the directory. > @@ -77,6 +78,9 @@ diskfs_lookup (struct node *dp, char *name, enum > lookup_type type, > error_t err; > struct node *cached; > > + if (!cred) > + return EINVAL; > + > if (type == REMOVE || type == RENAME) > assert_backtrace (np); > > -- > 2.52.0 >
