[mapserver-dev] Mapserver assertion handling causing potential crashes

thomas bonfort thomas.bonfort at gmail.com
Mon Feb 14 12:33:48 PST 2022


Hi Tamas,
I agree that our code base should not have any asserts for these kinds of
error conditions. assert still can have its merit for error cases where we
know we can't recover (e.g. a small malloc fail) which might be why
Coverity isn't flagging that by default.
regards,
thomas

On Mon, Feb 14, 2022 at 5:06 PM Tamas Szekeres <szekerest at gmail.com> wrote:

> As far as I can see, this kind of issue can easily be detected by a static
> code analyzer tool like this: https://sonarcloud.io/
> This seems to be free to use for any open source project.
>
> What do you think about using such tools regularly as part of the continuous
> integration?
>
> Best regards,
>
> Tamas
>
>
>
>
> Tamas Szekeres <szekerest at gmail.com> wrote (on Sat, Feb 12, 2022,
> 21:26):
>
>> Even,
>>
>> Thank you for the fix. I agree that assert does have its own purpose
>> (when debugging), but the code should never expect that assert will do
>> anything to prevent the code from continuing execution (like what throwing
>> an exception would do). So dereferencing a null pointer in the subsequent
>> code without checking the pointer against null is prohibited.
>>
>> Best regards,
>>
>> Tamas
>>
>>
>> Even Rouault <even.rouault at spatialys.com> wrote (on Sat, Feb 12, 2022,
>> 20:25):
>>
>>> Hopefully https://github.com/MapServer/MapServer/pull/6477 should fix
>>> that
>>>
>>> To use or not to use assert(), and where, is one of the many debates for
>>> which devs will have different opinions:
>>> https://stackoverflow.com/questions/1081409/why-should-i-use-asserts .
>>> I'd say assert() are supposed to be used for conditions you don't
>>> anticipate to happen in practice and thus for which you don't have a plan
>>> if they occur (a good reason is because you can't test it and thus the
>>> error handling might be broken because untested). Of course practice
>>> sometimes/often later contradicts your theories, as the impossible has a
>>> trend to occur more often than you'd like :-)
>>>
>>> Even
>>> On 12/02/2022 at 19:49, Steve Lime wrote:
>>>
>>> *ert( layer->layerinfo != N*
>>>
>>> -- http://www.spatialys.com
>>> My software is free, but my time generally not.
>>>
>>> _______________________________________________
>>> MapServer-dev mailing list
>>> MapServer-dev at lists.osgeo.org
>>> https://lists.osgeo.org/mailman/listinfo/mapserver-dev
>>>
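Added example, not part of the thread and not MapServer code: a C sketch of the point discussed above, that assert() disappears in a build compiled with NDEBUG, so a NULL pointer guarded only by an assert still reaches the dereference, while an explicit check behaves the same in every build. The types `layer_t` and `layerinfo_t`, both functions and the return codes are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for a layer and its connection state. */
typedef struct { int feature_count; } layerinfo_t;
typedef struct { layerinfo_t *layerinfo; } layer_t;

enum { LAYER_OK = 0, LAYER_NOT_OPEN = -1, REACHED_DEREF_WITH_NULL = -2 };

/* Simulate a release build (-DNDEBUG) for the assert-only variant. */
#undef NDEBUG
#define NDEBUG
#include <assert.h>

/* Assert-only guard: with NDEBUG the assert expands to nothing, so a NULL
 * layerinfo reaches the line where the code would dereference it. */
int count_assert_only(const layer_t *layer)
{
    assert(layer->layerinfo != NULL);
    if (layer->layerinfo == NULL)        /* demo instrumentation only: */
        return REACHED_DEREF_WITH_NULL;  /* real code would crash here */
    return layer->layerinfo->feature_count;
}

/* Re-including <assert.h> without NDEBUG makes assert() active again. */
#undef NDEBUG
#include <assert.h>

/* Explicit check: same behaviour in debug and release builds, and the
 * caller gets an error code it can report instead of a crash. */
int count_checked(const layer_t *layer, int *out)
{
    if (layer == NULL || layer->layerinfo == NULL || out == NULL)
        return LAYER_NOT_OPEN;
    *out = layer->layerinfo->feature_count;
    return LAYER_OK;
}

int main(void)
{
    layer_t closed_layer = { NULL };   /* constructed input: layer never opened */
    int n = 0;
    printf("assert-only: %d\n", count_assert_only(&closed_layer));
    printf("checked:     %d\n", count_checked(&closed_layer, &n));
    return 0;
}
```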