Path: csiph.com!eternal-september.org!feeder.eternal-september.org!.POSTED!not-for-mail
From: Keith Thompson <kst-u@mib.org>
Newsgroups: comp.lang.c
Subject: Re: High level programming in C
Date: Tue, 21 Nov 2017 11:29:27 -0800
Organization: None to speak of
Lines: 30
Message-ID: <lnfu97v3ag.fsf@kst-u.example.com>
References: <ouudfb$jj7$1@dont-email.me> <979bb888-53e1-410b-b013-1ace6c8dc0ad@googlegroups.com> <bd0fe87f-70f2-4e83-8ff4-b6fa83b3b282@googlegroups.com> <ov1b61$b3q$1@dont-email.me> <N3XQB.37994$xh3.19562@fx36.iad> <ov1hic$rus$1@dont-email.me> <1d54853a-79c7-4b7b-8666-51d26cc35b3d@googlegroups.com> <rPoUNWRb65RdvTOR6VscRRzUeKi7@bongo-ra.co> <c6b928d9-561f-4597-822b-d759ce14ae92@googlegroups.com> <ov1lqk$uoo$1@dont-email.me> <eae4c1eb-d14c-404f-8730-4b5e2e3208e1@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Injection-Info: reader02.eternal-september.org; posting-host="9437c726f685efabd2d584afa836bd7f"; logging-data="8056"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18D547WPgKZTIY6BXXJVWBS"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux)
Cancel-Lock: sha1:iubJLczXIuT2H2osGs5B1+Di0i8= sha1:nn3n/4I6M8kpy+5pVrSmboPbSks=
Xref: csiph.com comp.lang.c:123194

Thiago Adams <thiago.adams@gmail.com> writes:
> On Tuesday, November 21, 2017 at 2:55:56 PM UTC-2, jacobnavia wrote:
> ...
>> Just crashing at any NULL pointer was not even considered as viable 
>> software. That is just sound software engineering. What does your cC 
>> preprocessor do when I give you some non existent file to open?
>
> Currently I am not using any tool to check null.
> I want to add these checks in my tool. 
[...]

There's nothing wrong with checking for null pointers, but (at
least in C or a C-like language) it can't make your program safe.

For example, strlen(NULL) has undefined behavior.  The standard
*could* have specified the behavior of strlen(NULL) somehow (perhaps
returning (size_t)-1 and setting errno, for example), but there's
no portable way to check for invalid pointer values other than NULL.

Languages other than C can take various precautions to ensure that
problems like this don't occur, but (a) any sufficiently powerful
language that has pointers will probably make it possible to create
invalid non-null pointers, and (b) no language can guard against
calling strlen(s1) when you meant strlen(s2).

-- 
Keith Thompson (The_Other_Keith) kst-u@mib.org  <http://www.ghoti.net/~kst>
Working, but not speaking, for JetHead Development, Inc.
"We must do something.  This is something.  Therefore, we must do this."
    -- Antony Jay and Jonathan Lynn, "Yes Minister"