Stefan Fuhrmann wrote on Tue, Jan 26, 2016 at 09:21:44 +0100:
> From that, I would derive the following heuristics:
Once we agree upon a set of guidelines, it'll be nice to add it to
HACKING, at least as a link to your email.
They heuristics you propose sound good to me, so +0. (The only reason
I'm not +1 is that I haven't reviewed them carefully enough yet.)
> * Path and string validation functions shall not crash upon NULL
> inputs; error messages for NULL strings should explicitly show
> "NULL" as the problem.
> * Outside path, error and basic string processing, NULL pointers
> are invalid for mandatory parameters. Optional parameters are
> to be clearly documented as such (e.g. cancellation callbacks).
> * To make high-level functions e.g. within libclient robust against
> NULL pointers, use assertions. Don't try to mask those conditions
> and "limp on".
> Applied to svn_fs__path_valid and friends, they should be fixed
> to exhibit defined behaviour when called with NULL inputs.
> -- Stefan^2.
Received on 2016-01-26 23:57:22 CET