[cfe-dev] RFC: Nullability qualifiers
Daniel Marjamäki
Daniel.Marjamaki at evidente.se
Mon Mar 2 23:42:39 PST 2015
Hello!
Basically a good idea.
> It is obvious to a programmer who knows the semantics of strchr that
> it's important to check for a returned null, because null is used as the
> sentinel for "not found".
In most cases that is very true.
However strchr is not a good example imho where this could be used.
The strchr return value is well defined, therefore you don't always need to check if it returns null. For instance:
strcat(s,"abcd");
char *c = strchr(s,'c');
I would personally say a warning after this code about missing null pointer check is a FP.
Is there some better function that could have such an attribute? I guess if its return value is unpredictable and can be null at any time then it's a good candidate.
Personally I would not say malloc/realloc are good candidates neither. Since they only return null if there is oom. if there is oom then a null pointer dereference that crash the program may not be a problem.
Best regards,
Daniel Marjamäki
..................................................................................................................
Daniel Marjamäki
Senior Engineer
Evidente ES East AB
Warfvinges väg 34 SE-112 51 Stockholm Sweden
Mobile:
+46 (0)709 12 42 62
E-mail:
Daniel.Marjamaki at evidente.se
www.evidente.se
More information about the cfe-dev
mailing list