Re: Memory overcommitting (was Re: http://www.redhat.com/redhat/)

Floody (flood@evcom.net)
Thu, 20 Feb 1997 09:20:05 -0500 (EST)


On Thu, 20 Feb 1997, Theodore Y. Ts'o wrote:

> Date: Thu, 20 Feb 1997 11:26:42 +0200 (EET)
> From: Tuukka Toivonen <tuukkat@stekt.oulu.fi>
>
> As I have understood, Linux ALWAYS returns success when using malloc(),
> because the only reason why malloc() would fail is memory overrun, and this
> will never happen in malloc().
>
> So my question is: is there any point in checking whether malloc() returned
> NULL (failure) or success? Should I just start using the memory without
> checking if the pointer is NULL?
>
> It really is amazing how much mis-information has been generated on this
> thread.....
>
> malloc() does ***not*** always return success. The kernel makes a
> heuristic-based check to see if there is enough memory for the malloc to
> succeed _at_ _that_ _time_. Hence, it *is* important to check to see if
> malloc() returns NULL, because it will.

Besides, absolutely *regardless* of the OS's memory management system,
everyone should check malloc() for a NULL return. In any given system
there may be any number of arbitrary factors that can cause memory
allocation to fail. Not checking malloc()'s return is a sign of terribly
poor design, and something that is so often overlooked. :-)

Hey, assert() is there for a reason. :-)

To protect against malicious users, use resource limits ... pretty
cut-and-dry (effective too!).

+-------------------------------------------------------------------+
+ -- Finger: flood@evcom.net for my PGP public key -- +
+-------------------------------------------------------------------+

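The two points made in this message, shown together as an added example that is not part of the original post: a child process is given an address-space resource limit with setrlimit(RLIMIT_AS), and malloc() inside it then returns NULL for a request beyond that limit, which the caller must check. The function names and the 256 MiB limit are assumptions chosen for illustration; the code assumes a POSIX system such as Linux.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Lower the soft RLIMIT_AS (address-space cap) of the calling process. */
static int cap_address_space(rlim_t bytes)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_AS, &rl) != 0)
        return -1;
    if (rl.rlim_max != RLIM_INFINITY && bytes > rl.rlim_max)
        bytes = rl.rlim_max;          /* soft limit may not exceed hard limit */
    rl.rlim_cur = bytes;
    return setrlimit(RLIMIT_AS, &rl);
}

/* Fork a child, cap it at `limit` bytes, and try malloc(request) there.
 * Returns 0 if the allocation succeeded, 1 if malloc() returned NULL,
 * 2 if the limit could not be set, -1 if the child could not be run. */
int probe_alloc_under_limit(rlim_t limit, size_t request)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                       /* child: the limited process */
        if (cap_address_space(limit) != 0)
            _exit(2);
        char *p = malloc(request);
        if (p == NULL)                    /* the check the thread argues for */
            _exit(1);
        memset(p, 0xA5, request);         /* really use the memory */
        free(p);
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    rlim_t limit = (rlim_t)256 << 20;     /* constructed value: 256 MiB */
    printf("1 MiB request -> %d\n", probe_alloc_under_limit(limit, (size_t)1 << 20));
    printf("1 GiB request -> %d\n", probe_alloc_under_limit(limit, (size_t)1 << 30));
    return 0;
}
```

The limit is applied in a forked child so the parent keeps its own limits; a service launcher would do the same between fork() and exec().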