From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
To: Matthew Daley <mattjd@gmail.com>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
Ian Campbell <Ian.Campbell@citrix.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Subject: Re: [PATCH] libxl: handle null lists in libxl_string_list_length
Date: Fri, 27 Sep 2013 09:28:17 -0400 [thread overview]
Message-ID: <524587F1.6050406@oracle.com> (raw)
In-Reply-To: <CA+nUz_JnkZorb_cTnSwBaiRuNG8gOiYMHTc-hvsJC48DCadtzw@mail.gmail.com>
On 09/27/2013 09:14 AM, Matthew Daley wrote:
> On Sat, Sep 28, 2013 at 12:28 AM, Ian Campbell <Ian.Campbell@citrix.com> wrote:
>> On Sat, 2013-09-28 at 00:20 +1200, Matthew Daley wrote:
>>> On Sat, Sep 28, 2013 at 12:08 AM, Boris Ostrovsky
>>> <boris.ostrovsky@oracle.com> wrote:
>>>> ----- mattjd@gmail.com wrote:
>>>>
>>>>> After commit b0be2b12 ("libxl: fix libxl_string_list_length and its
>>>>> only
>>>>> caller") libxl_string_list_length no longer handles null (empty)
>>>>> lists. Fix
>>>>> so they are handled, returning length 0.
>>>>>
>>>>> While at it, remove the unneccessary undereferenced null pointer
>>>>> check
>>>> Are you sure this check should be removed? This routine can be called
>>>> from anywhere (at least within libxl it seems) and one day someone will
>>>> call it with NULL argument.
>>>>
>>>> I'd probably leave this check in.
>>> I would argue that any such invocation would be an error by the caller
>>> and should fail noisily, similar to how passing NULL into strlen
>>> should not return 0. libxl_{string,key_value}_list_dispose similarly
>>> assumes non-NULL pointers, FWIW.
>>>
>>> Ian C., do you have an opinion either way?
>> I think a zero length list is a bit different to a NULL string and
>> should return 0.
> Perhaps it was a bad analogy, but passing NULL to this function isn't
> giving it an empty list, it's giving it no (NULL!) list. We don't
> check for null pointers everywhere else non-optional pointers are
> passed (at least, we shouldn't be, IMO...)
What if someone assigns 'libxl_string_list *psl = NULL' if, say,
main()'s argc is 1 (i.e. there is no argument list) and then, later, calls
libxl_string_list_length(psl) to find out whether something needs
to be allocated for the list. Isn't getting a zero back an expected
answer?
(I am afraid we are approaching rathole territory here.)
-boris
>
>> But libxl_string_list is already char** so this function is taking
>> char***. The check for char *** == NULL, which is being removed, appears
>> to be unnecessary. A zero length list would be char ** == NULL, which
>> should be handled (and is I think?). char * == NULL would be a "" entry
>> in the string list.
> This was my intention in this patch; only the char *** == NULL check
> is removed, and the char ** == NULL for empty lists is handled by the
> newly added if condition.
>
> But char * == NULL doesn't mean an "" entry, doesn't it instead mark
> the end of the list (see xlu_cfg_get_list_as_string_list for example)?
> This is currently being checked for in the while loop condition. To
> continue using your notation, instead char == NULL is an empty string
> value in the list.
>
>> Confused? I know I am ;-)
> :)
>
> - Matthew
>
>> Ian.
>>
next prev parent reply other threads:[~2013-09-27 13:28 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-27 12:08 [PATCH] libxl: handle null lists in libxl_string_list_length Boris Ostrovsky
2013-09-27 12:20 ` Matthew Daley
2013-09-27 12:23 ` Andrew Cooper
2013-09-27 12:28 ` Ian Campbell
2013-09-27 13:14 ` Matthew Daley
2013-09-27 13:28 ` Boris Ostrovsky [this message]
2013-09-27 14:15 ` Ian Campbell
-- strict thread matches above, loose matches on Subject: below --
2013-09-27 11:29 Matthew Daley
2013-10-03 13:42 ` Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=524587F1.6050406@oracle.com \
--to=boris.ostrovsky@oracle.com \
--cc=Ian.Campbell@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=mattjd@gmail.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).