Re: master 8ff7338fdd0 1/4: When debugging image.c, abort if silent trun

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: master 8ff7338fdd0 1/4: When debugging image.c, abort if silent trun

From:	Paul Eggert
Subject:	Re: master 8ff7338fdd0 1/4: When debugging image.c, abort if silent truncation
Date:	Wed, 22 Jan 2025 17:23:38 -0800
User-agent:	Mozilla Thunderbird

On 1/22/25 14:24, Stefan Kangas wrote:

the eassert you added should do that job too, so what
would be the reasons for still preferring sprintf?

For instance, I might have made a mistake writing the eassert. (Iactually did make such mistakes in earlier editions of that patch, whichyou didn't see....)

There's a philosophical issue here. Some people feel safer writing codethat double- or triple-checks. Others feel safer having just one checkbut having it be really reliable. I'm more in the latter camp, partlybecause the extra checking is a maintenance cost that in turn makessoftware less reliable because maintainers waste their time dealing withthese feel-good checks.

Besides, GNU Emacs and the GNU Coding Standards fall squarely in the "noarbitrary limits" camp, and snprintf inherently is a bad fit. It's thesame reason Emacs doesn't use strlcpy.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: master 8ff7338fdd0 1/4: When debugging image.c, abort if silent truncation, Stefan Kangas, 2025/01/22
- Re: master 8ff7338fdd0 1/4: When debugging image.c, abort if silent truncation, Paul Eggert <=

Prev by Date: Re: Integration of Info manuals in programming modes, Re: Integration of Info manuals in programming modes
Next by Date: Re: master ab3cb717a08: ; "time stamp" also can be spelled "timestamp"
Previous by thread: Re: master 8ff7338fdd0 1/4: When debugging image.c, abort if silent truncation
Next by thread: Re: master ab3cb717a08: ; "time stamp" also can be spelled "timestamp"
Index(es):
- Date
- Thread