[U-Boot] [PATCH 1/2] net/eth.c: make eth_get_dev_by_name(NULL) safe
Mike Frysinger
vapier at gentoo.org
Tue Jul 12 22:49:43 CEST 2011
On Tue, Jul 12, 2011 at 05:22, Detlev Zundel wrote:
> Mike Frysinger wrote:
>> but the point isnt the impact of this single check. it sets the
>> precedence that every function in u-boot that takes a pointer should
>> start over protecting itself against poorly written code originating
>> elsewhere. now your "few characters" is quite a bit more.
>
> I still stand by what I said that if we have functions that can be
> called from many places (i.e. "library"-like), then the functions should
> be conservative in what they expect. Tightly coupled code can be looser
> in this respect. Maybe our disagreement stems from the fact that you
> consider this function to be "tightly coupled" and not really library
> like?
not really. i consider this to be "garbage-in garbage-out". imo,
u-boot isnt a C library that should be padded with garbage checking
all over. the result only helps broken systems (edge cases) while
hindering the rest.
i wouldnt have a problem with adopting an NDEBUG system, or perhaps
adding assert()'s to this code. then people can easily opt-out of it
all and for the people doing development, can easily turn things on.
assert(name != NULL);
the current miiphy system needs to be replaced (this runtime string
based approach is crazy), but that's a completely different topic :).
-mike
More information about the U-Boot
mailing list