Re: Missing checks when malloc returns NULL...
| От | Michael Paquier |
|---|---|
| Тема | Re: Missing checks when malloc returns NULL... |
| Дата | |
| Msg-id | CAB7nPqRXw-O_spUw5ichq-ghBowqmG8gA-9YVXO=G=UAjwtFqg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Missing checks when malloc returns NULL... (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Wed, Aug 31, 2016 at 2:15 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Michael Paquier <michael.paquier@gmail.com> writes:
>> And with an actual patch things are better.
>
> Working through this patch, it suddenly strikes me that we are going
> about fixing the callers of simple_prompt the wrong way. The existing
> definition with returning a malloc'd string creates a hazard of malloc
> failure, and it *also* creates a hazard of not remembering to free the
> result.
Yes, this cleanup was part of the candidate patch of this thread as well.
> Moreover, there are almost no callers that want a max result
> longer than ~100 bytes.
True, there is basically one such caller, psql, with 4096 bytes.
> Seems like it would be a whole lot easier all
> around to make the caller supply the buffer, ie typical call would be
> roughly
>
> char buf[100];
>
> simple_prompt("Password: ", buf, sizeof(buf), false);
>
> Callers that want to deal with a malloc'd buffer (all one of them, looks
> like) can do it themselves, for basically only one more line than is
> needed now.
Yes, that's possible as well and I thought about doing so, but I found
the buffer allocated from within simple_prompt clearer when hacking
this part. By the way, I just reviewed 9daec77e that you pushed
instead and that looks fine to me. Thanks!
--
Michael
В списке pgsql-hackers по дате отправления: