[OPEN-ILS-DEV] PATCH: transport_message.[ch] (miscellaneous)

Mike Rylander mrylander at gmail.com
Mon Dec 31 21:18:24 EST 2007


On Dec 25, 2007 1:13 AM, Scott McKellar <mck9 at swbell.net> wrote:
> This patch is a miscellaneous cleanup.  Summary:
>

Applied.

[snip]

>
> I don't know why we bother to check strdup() here.  The rest of the
> code base is littered with strdups, and we almost never check for
> NULL returns.  If we are really concerned that strdup() might fail,
> we should create a safe_strdup() analogous to safe_malloc().

I tend to agree in general on the uselessness of the safe_* methods
nowadays -- and yeah, I was the one that wanted safe_malloc to begin
with (he said, sheepishly).

I'd consider going even further and say "if we run out of memory, all
bets are off."  This code is not meant to, nor built to, recover from
"oh crap I ran out of memory on my multi-gig production server," and,
in fact, we recycle processes often enough that it would take a
catastrophic bug or maliciously crafted message (which are both bigger
problems than running out of memory) to cause this in practice.

-- 
Mike Rylander
 | VP, Research and Design
 | Equinox Software, Inc. / The Evergreen Experts
 | phone:  1-877-OPEN-ILS (673-6457)
 | email:  miker at esilibrary.com
 | web:  http://www.esilibrary.com

