-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
8 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes,
perror
could be used. Not a big deal either way though.Nicer as in say "Address issue #1" instead of first issue?
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm, writing to
stderr
in this case is not really what I want. It is often the case this tool is used in a script to gather results. It will take more effort on the user's part to include bothstrerr
andstdout
in the same stream or file. Better to leave it the way it is I think. I'll keep it in mind for the next time though. Thanks.Other candidates? Can you describe the other candidates? Something like "malloc return values should be checked" or something like that if thats what you are referring to.
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should error output redirection be applicable?
Function calls for further considerations:
fclose
fseek
ftell
malloc
printf
pthread_mutex_lock
pthread_mutex_unlock
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for that list. I'll go through the code later today.
Output redirection would be applicable if using
perror
since it outputs onstderr
. Someone running in a script that did not capturestrerr
would miss the reason for missing output in the output stream.e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pushed addition checked. I did not put any code to check returned on the mutex lock and unlock for reasons explained previously. I do not thing putting a check on every
printf
is necessary. If it fails it will be pretty obvious and I'd expect the app to crash at that point anyway. Remember this is a utility for benchmarking.e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hardly thing not checking the return values of a
printf
statement in a benchmark utility is a security issue. If it is too insecure then anyone that finds the utility too insecure for benchmarking does not have to use it.e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How would you image there could be any kind of security issue with
printf
? Think about the use cases for a benchmark utility. A failedprintf
will not have any impact at all other than not showing results.What other linked information sources are you referring to?
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If a
printf
fails, how would you report the error? Ifprintf
is broken there is no way to report the error. The only other action would be to just exit silently which is not very helpful. In any case complaining about the use ofprintf
in a benchmarking utility is a bit extreme.What other functions are you referring to?
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I am reluctant to add checks for
printf
,pthread_mutex_lock
andpthread_mutex_unlock
for reasons I have already explained. I see no value in checking return values for those functions as it only makes the code harder to read and does not protect against any real world issues.e15f516
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.