On Mon, 19 Oct 2009 08:58:05 -0500, David Kelly <dke...@hiwaay.net> wrote: > On Mon, Oct 19, 2009 at 05:43:44AM +0200, Polytropon wrote: > > to make sure s is not NULL, or testing for it explicitely like > > > > if(!s) > > ... error handling here ... > > You are missing my point that *s == 0 is not a good out of bounds range > check.
That's correct. Test != NULL just ensures that it is not a NULL pointer. Range checking should always be applied additionally. > strlen() knows nothing about the buffer allocation. As I originally > said, testing for null (and my example tested) is not foolproof but its > better than nothing. One should *also* test for the known end of the > allocated buffer. Yes. That's why an additional length parameter is a good choice, as well as maybe checing every individual character, e. g. checking for validity BEFORE doing something with it. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"