[Gdal-dev] segfault in SHPCreateObject

Ari Jolma ari.jolma at tkk.fi
Tue Sep 13 11:08:54 EDT 2005


Frank Warmerdam wrote:

>I do think that OGR ought to do some more run-time
>checking ...
>it is hard to check 
>pre-conditions without incorporating the code into all
>the driver implementations.  I could put some extra
>checking in the C cover functions which would help
>applications using the C interface (and all the swig bindings). 
>Perhaps that would be a better angle.
> 
>Unfortunately that leaves us in the case where the C++
>interface becomes uniquely dangerous. 
>  
>

The question was whether "one should not be able to produce a seg fault 
by a scripting interface" sounded reasonable. I guess that's of course 
also up to the binding developers to put up more shields. I'm very 
interested in having bullet proof code in the sense that the (stupid) 
end user hacking the script just shouldn't be able to blow up the whole 
thing. That's because I'm giving the end user a CLI where to hack in his 
stupid code, and they will do that since they are often students in my 
case. Cryptic error messages are always better than segfaults. But as 
said, there are many paths.

Ari
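
The run-time checking in a C cover function suggested in the quoted text above, sketched as an added example that is not part of the original message and is not GDAL/OGR or shapelib code. All names (`core_part_origin_sum`, `checked_part_origin_sum`, `chk_err`) are hypothetical and the sample arrays are constructed.

```c
#include <stddef.h>
#include <stdio.h>

typedef enum { CHK_OK, CHK_NULL_ARG, CHK_BAD_COUNT, CHK_BAD_PART } chk_err;

/* Hypothetical core routine: like a driver-level call, it trusts its
   caller and indexes x/y through part_start with no checks at all. */
static double core_part_origin_sum(int n_parts, const int *part_start,
                                   const double *x, const double *y)
{
    double sum = 0.0;
    for (int i = 0; i < n_parts; i++)
        sum += x[part_start[i]] + y[part_start[i]];
    return sum;
}

/* Report the failure on stderr and hand the code back to the binding. */
static chk_err fail(chk_err code, const char *msg)
{
    fprintf(stderr, "checked_part_origin_sum: %s\n", msg);
    return code;
}

/* C cover function: every pre-condition the core relies on is verified
   here, so a scripting binding gets an error code instead of a crash. */
chk_err checked_part_origin_sum(int n_parts, const int *part_start,
                                int n_vertices, const double *x,
                                const double *y, double *out)
{
    if (out == NULL)
        return fail(CHK_NULL_ARG, "out is NULL");
    if (n_parts < 0 || n_vertices < 0)
        return fail(CHK_BAD_COUNT, "negative count");
    if (n_parts > 0 && (part_start == NULL || x == NULL || y == NULL))
        return fail(CHK_NULL_ARG, "array argument is NULL");
    for (int i = 0; i < n_parts; i++)
        if (part_start[i] < 0 || part_start[i] >= n_vertices)
            return fail(CHK_BAD_PART, "part start outside vertex range");
    *out = core_part_origin_sum(n_parts, part_start, x, y);
    return CHK_OK;
}

int main(void)
{
    const double x[] = {1, 2, 3, 4}, y[] = {10, 20, 30, 40}; /* constructed */
    const int bad_parts[] = {0, 5};   /* 5 is past the last vertex */
    double out = 0.0;
    chk_err rc = checked_part_origin_sum(2, bad_parts, 4, x, y, &out);
    return rc == CHK_BAD_PART ? 0 : 1; /* rejected, not dereferenced */
}
```

A binding layer would map the returned code to its own exception or error value; code that calls the core routine directly bypasses these checks.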



