Subject: Re: error function re-factoring.
To: Jason Thorpe <thorpej@shagadelic.org>
From: Christos Zoulas <christos@zoulas.com>
List: tech-userlevel
Date: 07/10/2006 12:30:48
On Jul 10, 9:17am, thorpej@shagadelic.org (Jason Thorpe) wrote:
-- Subject: Re: error function re-factoring.
| Library routines should NOT be printing error messages.
Library routines should not exit either; they should be returning
control to the caller to give it a chance to handle the error properly.
These routines do print and exit: by design, and they are documented to
do so.
| Honestly, I don't see the big deal in duplicating error handling code
| like this. Especially since once you remove the error message
| printing (which you should do -- printing error messages in library
| routines has negative security implications), there's no added
| value to these new, non-standard routines.
There are no security implications here. The caller expects the
routines to print an error to stderr if they fail and exit. This
is the documented functionality. If you don't buy that, then you
should consider fprintf() buggy since it is in a library and it
prints. As I mentioned in the original posting, what I am trying
to do is provide a small convenience wrapper so each program does
not have to duplicate the functionality and possibly get it wrong.
The reasons I gave in the original message (sent on June 15th, to
which I only got positive responses) were:
1. Many programs do this on their own, and this would centralize it.
2. Some programs do not bother checking at all; having these routines
will make it easier for people to add checking.
3. Some programs open-code this and it quickly gets tedious, and makes
reading the code more difficult.
4. A handful of programs do the checks incorrectly.
Each program can decide to use the functions or not; they are not
appropriate in all cases, but in many they are. The proof that they
are useful is in the number of programs that chose to implement
exactly this functionality independently.
christos
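The two designs argued over above, as an added example that is not part of the thread and not NetBSD's libutil or any program on the list: a wrapper that prints to stderr and exits on failure (the documented contract Christos describes), next to a variant that hands the error back to the caller (Jason's position). The names xmalloc, xstrdup and try_reallocarray are hypothetical, and the two function pointers realloc_hook and fail_hook are assumptions introduced only so that the exit path can be exercised without terminating the process.

```c
/* Added example, not NetBSD code. Names are hypothetical; realloc_hook and
 * fail_hook exist only so the failure path can be driven from a test. */
#include <err.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static void *(*realloc_hook)(void *, size_t) = realloc;

/* Documented contract of the x*() family: message on stderr, then exit.
 * err() appends strerror(errno); malloc/realloc set ENOMEM on failure. */
static void die(const char *what, size_t n)
{
    err(EXIT_FAILURE, "%s(%zu)", what, n);
}
static void (*fail_hook)(const char *, size_t) = die;

void *xmalloc(size_t n)
{
    /* malloc(0) may legally return NULL; do not report that as failure. */
    void *p = realloc_hook(NULL, n ? n : 1);
    if (p == NULL)
        fail_hook("malloc", n);
    return p;
}

char *xstrdup(const char *s)
{
    size_t len = strlen(s) + 1;
    return memcpy(xmalloc(len), s, len);
}

/* The caller-handles-it alternative. On failure it returns -1 with errno set
 * and leaves *pp untouched, so the old block is neither leaked nor lost
 * (the open-coded p = realloc(p, n) idiom loses it on failure). */
int try_reallocarray(void **pp, size_t n, size_t size)
{
    if (size != 0 && n > SIZE_MAX / size) {
        errno = ENOMEM;                     /* n * size would overflow */
        return -1;
    }
    size_t bytes = n * size;
    void *q = realloc_hook(*pp, bytes ? bytes : 1);
    if (q == NULL)
        return -1;                          /* errno already ENOMEM */
    *pp = q;
    return 0;
}

/* Scaffolding: drive xmalloc into its failure path without exiting. */
static int fail_calls;
static void *null_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }
static void record_fail(const char *what, size_t n) { (void)what; (void)n; fail_calls++; }

/* Returns 1 if a failed allocation reached the failure action exactly once. */
int xmalloc_failure_calls_hook(void)
{
    fail_calls = 0;
    realloc_hook = null_realloc;
    fail_hook = record_fail;
    void *p = xmalloc(16);                  /* with die() installed, never returns */
    realloc_hook = realloc;
    fail_hook = die;
    return fail_calls == 1 && p == NULL;
}

int main(void)
{
    char *copy = xstrdup("hello");
    void *buf = NULL;
    int rc = try_reallocarray(&buf, 4, sizeof(int));
    printf("xstrdup: %s, try_reallocarray: %d\n", copy, rc);
    free(copy);
    free(buf);
    return xmalloc_failure_calls_hook() ? 0 : 1;
}
```

The check worth keeping in either design is the n * size overflow test in try_reallocarray: it is the piece most often open-coded wrongly, and a central wrapper is where it gets written once. The malloc(0) case is the other caveat: a print-and-exit wrapper that treats a NULL from a zero-length request as failure will kill a program that did nothing wrong.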