> Since, as you point out, this may be a lot of work, I think we should
> try to split the work across several devs...

Yes please, I am beyond burn-out lately...

> To do that, we'd grep for all uses of asprintf() to find out which
> files use it and post that list in reply to this email.

I can do that. Apart from asprintf() and vasprintf(), is anyone aware of
any other similarly suspicious functions to check?

> In my opinion asprintf should set the pointer to NULL, to be safe.
> But the calling code should probably be changed as well, because it is
> not a good coding example for portability.

I'm sceptical about this.
Setting the pointer to NULL seems more safe, but also it is a change in
functionality!

Consider the following example:

char * msg = "Error message";
asprintf(&msg, "format string", args...);

Based on the current functionality, I can directly use msg without any
error checking, as it will always be valid.
(Either due to its initialization, or due to a successful asprintf).

Indeed, this seems like a not-so-great piece of code, but I don't know
whether this approach is used anywhere in NuttX
(or in user code).



On Wed, Mar 29, 2023 at 3:28 AM Tomek CEDRO <to...@cedro.info> wrote:

> On Wed, Mar 29, 2023 at 2:14 AM Bernd Walter wrote:
> > I think I should open up a ticket for FreeBSD to extend this part in the
> manpage.
> > Sounds like a trap - I often just look into the FreeBSD manpages, since
> this
> > is what my desktop runs.
>
> greetings from a FBSD station to a fellow daemon :-) :-)
>
> --
> CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
>

Reply via email to