On Aug 14, 2005, at 11:08 PM, Garrett Rooney wrote:

Rian Hunter wrote:

This patch looks good but I have some questions. You seem to use the returned pointers from apr_array_push without checking if they are NULL. Even in apr_array_push, apr_palloc is used without checking for NULL even though apr_palloc can definitely return NULL. Because of that, I'm not sure whether or not you don't check for NULL on purpose. Could you explain? Thanks.


Well, it depends on what your general attitude towards checking for errors in memory allocation is. In many projects it's generally considered to be the kind of error you can't effectively recover from anyway, so cluttering up the code with if (foo == NULL) checks is kind of pointless, you're likely to have been killed by a kernel OOM checker before that can do anything useful, or you could be on an OS that doesn't even return NULL (memory overcommit), so the checks are pointless anyway. The only way to be safe is to make sure that algorithmically your program can't allocate unbounded amounts of memory, then tune your box and app so that this kind of problem doesn't happen in practice.

APR generally doesn't bother checking for this kind of error for just this reason, same with Subversion and if I'm not mistaken Apache HTTPD itself.

-garrett


Thanks for this information! After looking at code in httpd it seems this is the case. I'll change the mod_smtpd code to reflect this convention.
-rian
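
The convention discussed in this thread, sketched as an added example that is not code from APR, httpd or mod_smtpd: allocation failure is handled once by aborting, and the safety comes from a hard bound on what untrusted input can make the program allocate. It uses plain libc instead of APR pools, and the names rcpt_list, rcpt_push, xrealloc, MAX_RCPTS and MAX_ADDR_LEN are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical limits, not taken from mod_smtpd or APR. */
#define MAX_RCPTS    100
#define MAX_ADDR_LEN 256

typedef struct {
    char **elts;
    size_t nelts, nalloc;
} rcpt_list;

/* One central out-of-memory policy: abort, so callers never see NULL. */
static void *xrealloc(void *p, size_t n)
{
    void *q = realloc(p, n);
    if (q == NULL) {
        fputs("out of memory\n", stderr);
        abort();
    }
    return q;
}

/* Returns 0 on success, -1 when the input would exceed a limit. */
int rcpt_push(rcpt_list *l, const char *addr)
{
    size_t n = strlen(addr) + 1;
    if (l->nelts >= MAX_RCPTS || n > MAX_ADDR_LEN)
        return -1;                 /* bound is enforced before allocating */
    if (l->nelts == l->nalloc) {
        l->nalloc = l->nalloc ? l->nalloc * 2 : 8;
        l->elts = xrealloc(l->elts, l->nalloc * sizeof *l->elts);
    }
    l->elts[l->nelts++] = memcpy(xrealloc(NULL, n), addr, n);
    return 0;
}

/* Constructed input: try to add `attempts` recipients, return how many fit. */
size_t rcpt_demo(size_t attempts)
{
    rcpt_list l = {0};
    char addr[64];
    size_t i, accepted = 0;
    for (i = 0; i < attempts; i++) {
        snprintf(addr, sizeof addr, "user%zu@example.test", i);
        if (rcpt_push(&l, addr) == 0) accepted++;
    }
    for (i = 0; i < l.nelts; i++) free(l.elts[i]);
    free(l.elts);
    return accepted;
}
```

The caller checks the return value of rcpt_push for the limit, which is an input-validation result it can act on, while the NULL case never reaches it.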
