[cairo] [PATCH] boilerplate: Add xsprintf() and xsnprintf()

Bill Spitzak spitzak at gmail.com
Wed Oct 22 11:25:08 PDT 2014

Passing NULL for an *output* buffer can be considered programmer error, 
and I would prefer it segfault at this point rather than call exit and 
lose the stack trace.

If they are calling malloc to make the buffer then they should be 
calling the xmalloc instead which exits, thus reproducing this result 
but with a correct out-of-memory error. Any other method of making the 
buffer pointer will be extracting the pointer from another pointed-to 
structure and thus any error will segfault before calling this, or pass 
a small offset from zero that this code does not detect anyway.

And I strongly suspect the error result of snprintf is never produced. 
That is for reporting errors from the flush of output streams.

I think this is useless code similar to the _s crap that Microsoft 
foisted on the C standard in an effort to make C non-portable, and 
should not be added.

Any effort here would be better spent changing all sprintf to snprintf 
and replacing strdup and strcat with strldup and strlcat,

If there is a worry about NULL string pointers you should be fixing 
functions that take *input* strings and make them do some expected 
result when passed NULL, such as treat it the same as "". This would fix 
actual bugs and crashes.

On 10/21/2014 10:13 PM, RAVI NANJUNDAPPA wrote:
> (formatting was the problem with the earlier mail. Pls ignore that mail.)
> Agreed. But we need to check for other conditions like if the user is passing NULL string value or not (as it's been done in xstrdup())
> In which case also, we need to exit from the execution environment.
> Thanks and Best Regards,
> N Ravi

More information about the cairo mailing list