Coverity errors in libndr/
tridge at samba.org
tridge at samba.org
Wed Oct 25 10:20:54 GMT 2006
Volker,
> But then the check for NULL is bogus. Should we remove it or
> shouldn't we? I could certainly mark all these Coverity
> errors as false positives, but I do think a NULL check after
> having dereferenced a pointer is kind of void.
In my attempt to be humorous I left off the obvious exception -
anything that could be an allocation failure obviously does need to be
checked. It's not OK to segv on allocation failure (or failing to
mmap, failing to open a file etc etc). So I think we do need one check
when we allocate a new attribute, but if the attribute does get added
OK then we don't need to check the case that its null afterwards.
I just don't like the use of assert() calls for NULL checks, when the
assert call causes a panic or similar shutdown. That's pointless,
makes the code larger and slower, and is generally a bad thing ;-)
btw, does coverity do inter-module checking? ie. does it notice that
a function passing in ldb_msg.c implies that a different function in a
different module can't fail? I know the ibm checker does some of that
(tho not perfectly) but I don't know if coverity does.
Cheers, Tridge
More information about the samba-technical
mailing list