On Mon, 19 Oct 2009 08:58:05 -0500, David Kelly <dke...@hiwaay.net> wrote:
> On Mon, Oct 19, 2009 at 05:43:44AM +0200, Polytropon wrote:
> > to make sure s is not NULL, or testing for it explicitely like
> > 
> >     if(!s)
> >             ... error handling here ...
> 
> You are missing my point that *s == 0 is not a good out of bounds range
> check.

That's correct. Test != NULL just ensures that it is not a
NULL pointer. Range checking should always be applied
additionally.



> strlen() knows nothing about the buffer allocation. As I originally
> said, testing for null (and my example tested) is not foolproof but its
> better than nothing. One should *also* test for the known end of the
> allocated buffer.

Yes. That's why an additional length parameter is a good
choice, as well as maybe checing every individual character,
e. g. checking for validity BEFORE doing something with it.



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to