On 2023/03/28 17:02:18 +0800, lux <l...@shellcodes.org> wrote:
> On Mon, 2023-03-27 at 18:58 -0600, Todd C.Miller wrote:
> > 
> > > -                       _exit(1);
> > > -               if (path == NULL)
> > >                         _exit(1);
> > >  
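Review bot: The removed `if (path == NULL)` guard leaves this function depending on its callers to pass a non-NULL path, and nothing in the visible lines records that precondition. Consider stating the requirement in a short comment above the function, or in the commit message, so that a later caller added outside the current call sites does not rely on a check that is no longer there.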
> 
> Hi, `pipeio' looks like a common function, so maybe called in other
> code, checking the path is NULL is a safe check, to prevent writing
> wrong code, I think the condition that path is NULL should not be
> removed.

pipeio() is a common _internal_ function.  There are requirements that
callers need to fulfill when calling other functions.  Otherwise you'd
have to check also that argv is non-NULL and that it is NULL
terminated, that len is non-negative, that text is a valid pointer if
len is positive, that outbp is non-NULL and a valid pointer etc.
Quite a few checks for a function only called twice and always with
proper parameters :)

% grep 'pipeio(' *.c
buffer.c:       ret = pipeio(DIFFTOOL, argv, text, len, bp);
region.c:       ret = pipeio(shellp, argv, text, len, bp);
region.c:pipeio(const char* const path, char* const argv[],

Furthermore, path is only looked at in the child process after fork(),
even for the paranoids it won't cause issues in the editor itself.

So I don't think we need to be pedantic and check the path there given
that 1. it is always called with proper arguments and 2. there's no
way it could do something useful with a NULL first argument.

I should have added a note about this in the commit message.
Apologies.
