On Tue, 2023-03-28 at 11:22 +0200, Omar Polo wrote:
> On 2023/03/28 17:02:18 +0800, lux <l...@shellcodes.org> wrote:
> > On Mon, 2023-03-27 at 18:58 -0600, Todd C.Miller wrote:
> > > 
> > > > -                       _exit(1);
> > > > -               if (path == NULL)
> > > >                         _exit(1);
> > > >  
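Review bot: dropping the `if (path == NULL)` line makes the non-NULL requirement on path an unstated caller contract; suggest recording it in a one-line comment on pipeio() or in the commit message so the removal does not read as an oversight.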
> > 
> > Hi, `pipeio' looks like a common function, so maybe called in other
> > code, checking the path is NULL is a safe check, to prevent writing
> > wrong code, I think the condition that path is NULL should not be
> > removed.
> 
> pipeio() is a common _internal_ function.  There are requirements that
> callers need to fulfill when calling other functions.  Otherwise you'd
> have to check also that argv is non-NULL and that it is NULL
> terminated, that len is non-negative, that text is a valid pointer if
> len is positive, that outbp is non-NULL and a valid pointer etc.
> Quite a few checks for a function only called twice and always with
> proper parameters :)
> 
> % grep 'pipeio(' *.c
> buffer.c:       ret = pipeio(DIFFTOOL, argv, text, len, bp);
> region.c:       ret = pipeio(shellp, argv, text, len, bp);
> region.c:pipeio(const char* const path, char* const argv[],
> 
> Furthermore, path is only looked at in the child process after fork(),
> even for the paranoids it won't cause issues in the editor itself.
> 
> So I don't think we need to be pedantic and check the path there given
> that 1. it is always called with proper arguments and 2. there's no
> way it could do something useful with a NULL first argument.
> 
> I should have added a note about this in the commit message.
> Apologies.
> 

Okay, I understand now, thank you :-)
