
Re: [Libevent-users] Missing error checking



On Mon, Jun 6, 2011 at 5:29 PM, Gilad Benjamini <gbenjamini@xxxxxxxxxxx> wrote:
> Hi,
> Here are a few cases where error checking is missing. Not knowing the code, I can mostly just point to the issues without suggesting fixes.
>
> - evthread_set_condition_callbacks - The first half of the function assumes cbs might
> be NULL. The second half references cbs without validation

Hmmm.  I think that allowing NULL cbs is an issue here.
Generally, it is a really bad idea to change the threading callbacks
once libevent is running, or to disable threading entirely.  I think
that instead of checking for "NULL" here, we should maybe disallow
setting the threading or condition callbacks more than once.  What do
other people think?  Is there a valid use-case here that I'm missing?

> - evbuffer_overlapped_new - mm_calloc return value is not checked

Thanks; should be fixed in 89d5e09e4d3a4666bf

> - event_base_free - All the code that follows the call to EVUTIL_ASSERT assumes that base is non-NULL. Assertions are useful for a debug environment, but IMHO are not a valid tool for production code, especially in an external-facing function

Turned that into a non-assert check in 09fe97da3b0dc.  It's a warn
now, since it's almost certainly a programming error to ever call
event_base_free(NULL) when there is no current_base set.

> - A similar approach exists in GET_IO_SLOT_AND_CTOR; _ent is allocated and the assertion is supposed to cover the case of a failure.

Thanks; should be fixed in 89d5e09e4d3a4666bf

cheers,
-- 
Nick
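
An added example, not part of the original message and not libevent's code or the fix in the commits referenced above: it contrasts an allocation guarded only by an assertion with one that reports failure to the caller, the pattern raised for evbuffer_overlapped_new and GET_IO_SLOT_AND_CTOR. The names `EXAMPLE_RELEASE`, `EXAMPLE_ASSERT`, `example_calloc`, `struct io_slot` and the constructor functions are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for illustration; none of this is libevent code. */
#define EXAMPLE_RELEASE 1 /* model a build with assertions compiled out */
#ifdef EXAMPLE_RELEASE
#define EXAMPLE_ASSERT(cond) ((void)0)
#else
#define EXAMPLE_ASSERT(cond) do { if (!(cond)) abort(); } while (0)
#endif

struct io_slot { int nread; int nwrite; };
static int fail_next_alloc; /* fault injection: next allocation returns NULL */

static void *example_calloc(size_t n, size_t sz)
{
    if (fail_next_alloc) { fail_next_alloc = 0; return NULL; }
    return calloc(n, sz);
}

/* Before: the assertion is the only guard, and it vanishes in this build. */
static int slot_ctor_asserted(struct io_slot **out)
{
    struct io_slot *ent = example_calloc(1, sizeof(*ent));
    EXAMPLE_ASSERT(ent != NULL);
    ent->nread = 0; /* NULL dereference if the allocation failed */
    *out = ent;
    return 0;
}

/* After: failure is reported to the caller in every build type. */
static int slot_ctor_checked(struct io_slot **out)
{
    struct io_slot *ent = example_calloc(1, sizeof(*ent));
    *out = ent;
    return ent == NULL ? -1 : 0;
}

/* Returns 1 if the checked constructor survives an injected failure. */
static int checked_survives_failure(void)
{
    struct io_slot dummy, *s = &dummy;
    fail_next_alloc = 1;
    return slot_ctor_checked(&s) == -1 && s == NULL;
}

int main(void)
{
    struct io_slot *s = NULL;
    int rc = slot_ctor_asserted(&s); /* allocator works here, so this is safe */
    free(s);
    printf("asserted rc=%d, checked survives failure=%d\n", rc, checked_survives_failure());
    return 0;
}
```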