Re: Segfault in libpspell


Subject: Re: Segfault in libpspell
From: Sam TH (sam@uchicago.edu)
Date: Wed Nov 15 2000 - 00:40:18 CST


On Wed, Nov 15, 2000 at 01:36:23AM -0500, Kevin Atkinson wrote:
> On Wed, 15 Nov 2000, Sam TH wrote:
>
> > On Wed, Nov 15, 2000 at 01:04:07AM -0500, Kevin Atkinson wrote:
> > > On Tue, 14 Nov 2000, Sam TH wrote:
> > >
> > > > On Tue, Nov 14, 2000 at 07:29:43PM -0500, Kevin Atkinson wrote:
> > > > > On Tue, 14 Nov 2000, Matt Brubeck wrote:
> > > > >
> > > > > > Also, pspell_manager_check() should not segfault when passed a null
> > > > > > pointer as its first argument. This is a bug in Pspell.
> > > > >
> > > > > Um, Why? You are violating an implied precondition of passing in a valid
> > > > > pointer.
> > > > >
> > > >
> > > > Because programs shouldn't segfault. This is certainly our fault,
> > > > for passing the NULL pointer. However, it is preferable to check
> > > > that, than to just segfault.
> > >
> > > A library can certainly segfault. The behavior of many libc functions
> > > is undefined if you give them invalid input. Similarly the behavior of
> > > many pspell functions is undefined if you give them invalid input.
> > >
> > > Just what would you like me to do if I get a null pointer?
> >
> > Well, as far as I can tell from Dom's code, pspell_manager_check() returns
> > 1 if found, 0 if not found, and -1 on error. Therefore, if it was passed
> > a null pointer, it could return -1. The following patch does just that
> > (actually it checks both arguments, which should be the right thing to do):
>
> 1) If it returns -1 it should also set the appropriate error message.
> 2) The behavior of pspell_manager_check should be identical to the
> behavior of m->check();
> 3) It is unnecessary in my view as the behavior is undefined if you pass it in
> invalid input.
>
> Thus your patch is rejected. As I said before I do NOT think this is a
> bug nor will I ever consider undefined behavior due to invalid input a
> bug. Sometimes I will check if the input is valid with an assert; however,
> in the case of null pointers this is unnecessary because dereferencing a
> null pointer guarantees a segfault. A backtrace of where the program
> segfaulted will clearly show a null pointer being passed in.
>
> I am sorry I do not agree with you here.

I understand your perspective, and certainly this isn't your responsibility.
I just think that if someone is using a program that uses pspell, that
segfault will still make them unhappy, even if it was the program's fault.

I guess we can agree to disagree, and leave it at that.

           
        sam th
        sam@uchicago.edu
        http://www.abisource.com/~sam/
        GnuPG Key:
        http://www.abisource.com/~sam/key
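
An added example, not part of the original message and not Pspell's code: since the library leaves NULL input undefined, the calling program can put the guard on its own side of the boundary, returning -1 with an error message recorded and otherwise deferring unchanged to the underlying check. The `spell_manager` type, `raw_check`, `guarded_check`, `guarded_error` and the word list are hypothetical stand-ins constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a spell-checker handle; not Pspell's real type. */
typedef struct spell_manager {
    int (*check)(struct spell_manager *self, const char *word); /* 1, 0 or -1 */
    const char *error;          /* last error message, NULL if none */
    const char *const *words;   /* NULL-terminated word list */
} spell_manager;

/* Holds the error text when there is no manager object to store it in. */
static const char *guard_error = NULL;

/* Unchecked lookup: dereferences both arguments, so NULL input is undefined. */
static int raw_check(spell_manager *self, const char *word)
{
    for (const char *const *w = self->words; *w != NULL; w++)
        if (strcmp(*w, word) == 0)
            return 1;
    return 0;
}

/* Caller-side guard: -1 plus an error message on invalid input;
 * on valid input the result is exactly what m->check() returns. */
int guarded_check(spell_manager *m, const char *word)
{
    guard_error = NULL;
    if (m == NULL) {
        guard_error = "no spell manager available";
        return -1;
    }
    m->error = NULL;
    if (m->check == NULL || word == NULL) {
        m->error = "manager has no check() or word is NULL";
        return -1;
    }
    return m->check(m, word);
}

/* Message for the most recent guarded_check() failure, or NULL. */
const char *guarded_error(const spell_manager *m)
{
    return (m != NULL && m->error != NULL) ? m->error : guard_error;
}

/* Constructed sample data. */
static const char *const sample_words[] = { "hello", "world", NULL };
static spell_manager sample_manager = { raw_check, NULL, sample_words };

int main(void)
{
    printf("%d\n", guarded_check(NULL, "hello"));
    printf("%d\n", guarded_check(&sample_manager, "hello"));
    return 0;
}
```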




This archive was generated by hypermail 2b25 : Wed Nov 15 2000 - 00:40:23 CST