From: Michael Haggerty <mhagger@alum.mit.edu>
To: Junio C Hamano <gitster@pobox.com>
Cc: Jeff King <peff@peff.org>, git@vger.kernel.org
Subject: Re: [PATCH 00/14] numparse module: systematically tighten up integer parsing
Date: Tue, 17 Mar 2015 20:46:59 +0100 [thread overview]
Message-ID: <550884B3.5010102@alum.mit.edu> (raw)
In-Reply-To: <xmqqk2yfo3y0.fsf@gitster.dls.corp.google.com>
On 03/17/2015 07:48 PM, Junio C Hamano wrote:
> Michael Haggerty <mhagger@alum.mit.edu> writes:
>
>> When I looked around, I found scores of sites that call atoi(),
>> strtoul(), and strtol() carelessly. And it's understandable. Calling
>> any of these functions safely is so much work as to be completely
>> impractical in day-to-day code.
>>
>> git-compat-util.h has two functions, strtoul_ui() and strtol_i(), that
>> try to make parsing integers a little bit easier.
>
> Exactly. They were introduced to prevent sloppy callers from
> passing NULL to the &end parameter to underlying strtoul(3). The
> first thing that came to my mind while reading your message up to
> this point was "why not use them more, tighten them, adding
> different variants if necessary, instead of introducing an entirely
> new set of functions in a new namespace?"
Here were my thoughts:
* I wanted to change the interface to look less like
strtol()/strtoul(), so it seemed appropriate to make the names
more dissimilar.
* The functions seemed long enough that they shouldn't be inline,
and I wanted to put them in their own module rather than put
them in git-compat-util.h.
* It wasn't obvious to me how to generalize the names, strtoul_ui()
and strtol_i(), to the eight functions that I wanted.
That being said, I'm not married to the names. Suggestions are
welcome--but we would need names for 8 functions, not 4 [1].
Michael
> For example:
>
>> * Am I making callers too strict? In many cases where a positive
>> integer is expected (e.g., "--abbrev=<num>"), I have been replacing
>> code like
>>
>> result = strtoul(s, NULL, 10);
>>
>> with
>>
>> if (convert_i(s, 10, &result))
>> die("...");
>
> I think strictness would be good and those who did "--abbrev=' 20'"
> deserve what they get from the additional strictness, but
>
> if (strtol_i(s, 10, &result))
>
> would have been more familiar.
[1] It could be that when we're done, it will turn out that some of the
eight variants are not needed. If so, we can delete them then.
--
Michael Haggerty
mhagger@alum.mit.edu
next prev parent reply other threads:[~2015-03-17 19:47 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-17 16:00 [PATCH 00/14] numparse module: systematically tighten up integer parsing Michael Haggerty
2015-03-17 16:00 ` [PATCH 01/14] numparse: new module for parsing integral numbers Michael Haggerty
2015-03-18 18:27 ` Eric Sunshine
2015-03-18 22:47 ` Michael Haggerty
2015-03-20 8:54 ` Eric Sunshine
2015-03-20 17:51 ` Junio C Hamano
2015-03-17 16:00 ` [PATCH 02/14] cacheinfo_callback(): use convert_ui() when handling "--cacheinfo" Michael Haggerty
2015-03-17 16:00 ` [PATCH 03/14] write_subdirectory(): use convert_ui() for parsing mode Michael Haggerty
2015-03-17 16:00 ` [PATCH 04/14] handle_revision_opt(): use skip_prefix() in many places Michael Haggerty
2015-03-17 16:00 ` [PATCH 05/14] handle_revision_opt(): use convert_i() when handling "-<digit>" Michael Haggerty
2015-03-19 6:34 ` Junio C Hamano
2015-03-17 16:00 ` [PATCH 06/14] strtoul_ui(), strtol_i(): remove functions Michael Haggerty
2015-03-17 16:00 ` [PATCH 07/14] handle_revision_opt(): use convert_ui() when handling "--abbrev=" Michael Haggerty
2015-03-17 16:00 ` [PATCH 08/14] builtin_diff(): detect errors when parsing --unified argument Michael Haggerty
2015-03-17 16:00 ` [PATCH 09/14] opt_arg(): val is always non-NULL Michael Haggerty
2015-03-17 16:00 ` [PATCH 10/14] opt_arg(): use convert_i() in implementation Michael Haggerty
2015-03-17 16:00 ` [PATCH 11/14] opt_arg(): report errors parsing option values Michael Haggerty
2015-03-17 16:00 ` [PATCH 12/14] opt_arg(): simplify pointer handling Michael Haggerty
2015-03-17 16:00 ` [PATCH 13/14] diff_opt_parse(): use convert_i() when handling "-l<num>" Michael Haggerty
2015-03-17 16:00 ` [PATCH 14/14] diff_opt_parse(): use convert_i() when handling --abbrev=<num> Michael Haggerty
2015-03-19 6:37 ` Junio C Hamano
2015-03-17 18:48 ` [PATCH 00/14] numparse module: systematically tighten up integer parsing Junio C Hamano
2015-03-17 19:46 ` Michael Haggerty [this message]
2015-03-19 6:31 ` Junio C Hamano
2015-03-17 23:05 ` Duy Nguyen
2015-03-18 9:47 ` Michael Haggerty
2015-03-18 9:58 ` Duy Nguyen
2015-03-18 10:03 ` Jeff King
2015-03-18 10:20 ` Michael Haggerty
2015-03-19 5:26 ` Jeff King
2015-03-19 6:41 ` Junio C Hamano
2015-03-19 7:32 ` Junio C Hamano
2015-03-24 16:06 ` Michael Haggerty
2015-03-24 16:49 ` René Scharfe
2015-03-25 21:14 ` Michael Haggerty
2015-03-25 21:59 ` Junio C Hamano
2015-03-24 15:05 ` Michael Haggerty
2015-03-19 6:22 ` Junio C Hamano
2015-03-24 15:42 ` Michael Haggerty
2015-03-24 15:58 ` Junio C Hamano
2015-03-24 16:09 ` Junio C Hamano
2015-03-24 17:39 ` Michael Haggerty
2015-03-24 18:08 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=550884B3.5010102@alum.mit.edu \
--to=mhagger@alum.mit.edu \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.