Re: [BK PATCH] One strdup() to rule them all

From: Dan Aloni
Date: Mon Aug 25 2003 - 11:57:15 EST


On Mon, Aug 25, 2003 at 06:37:45PM +0200, J?rn Engel wrote:
> > +/**
> > + * strdup - Allocate a copy of a string.
> > + * @s: The string to copy. Must not be NULL.
> > + *
> > + * returns the address of the allocation, or NULL on
> > + * error.
> > + */
> > +char *strdup(const char *s)
> > +{
> > + char *rv = kmalloc(strlen(s)+1, GFP_KERNEL);
> > + if (rv)
> > + strcpy(rv, s);
> > + return rv;
> > +}
>
> My gut feeling is always afraid when something "must not be NULL",
> someone will ignore this and Bad Things (tm) happen. Is strdup ever
> used such performance critical code that the extra check would hurt?

There are two reasons while it shouldn't have a NULL check. One,
persistency: the other str*() functions don't do this sort of check.
Two, for general uses like that:

new_name = strdup(name);
if (!new_name)
goto allocation_failed;

With this check, NULL would be returning from strdup() either because
name == NULL or when the allocation fails. You cannot simply pass that
information through its return value and the caller would need to
check whether name == NULL by itself which should have been done anyway.

Passing NULL to strdup() is a bug, which would have NOT show as an
Oops if you add this check, and that is bad. Maybe it would be worth
to add a BUG_ON(s == NULL) instead, and perhaps also add this to the
other str*() functions, but that is a different patch.

--
Dan Aloni
da-x@xxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/