On Wed, 24 Sep 2014, David Malcolm wrote:

> The ideal I'm aiming for here is that a well-behaved library should
> never abort, so I've rewritten these functions to use vasprintf, and
> added error-handling checks to cover the case where malloc returns NULL
> within vasprintf.

GCC is designed on the basis of aborting on allocation failures - as is GMP, which allows custom allocation functions to be specified but still requires them to exit the program rather than return, longjmp or throw an exception.

> I believe this fixes the specific issues you pointed out (apart from the
> numerous missing API comments, which I'll do in a followup). Note that
> there's still a fixed-size buffer within gcc::jit::recording::context,
> the field:
>
>   char m_first_error_str[1024];
>
> Currently this is populated using strncpy followed by an explicit write
> of a truncation byte to make sure, but it *is* another truncation.
>
> Presumably I should address this in a followup, by making that be
> dynamically-allocated?

Yes.  Arbitrary limits should be avoided in GNU.

-- 
Joseph S. Myers
jos...@codesourcery.com
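An added example, not part of this message or of GCC's source: the fixed-size error field populated with strncpy plus an explicit terminator, beside a dynamically allocated replacement that reports allocation failure to the caller instead of aborting. The struct and function names are hypothetical, and the dynamic version measures with vsnprintf (portable C99) rather than the vasprintf mentioned in the thread.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the context discussed in the thread. */
struct err_ctx {
    char  first_error_fixed[1024]; /* fixed-size field, as in the thread */
    char *first_error_dyn;         /* dynamically allocated replacement */
};

/* Fixed buffer: strncpy plus an explicit terminator. Returns 1 if truncated. */
static int set_first_error_fixed(struct err_ctx *ctx, const char *msg)
{
    strncpy(ctx->first_error_fixed, msg, sizeof ctx->first_error_fixed);
    ctx->first_error_fixed[sizeof ctx->first_error_fixed - 1] = '\0';
    return strlen(msg) >= sizeof ctx->first_error_fixed;
}

/* Dynamic buffer: measure, allocate, format. Returns 0 on success, -1 on
   formatting or allocation failure (reported to the caller, no abort). */
static int set_first_error_dyn(struct err_ctx *ctx, const char *fmt, ...)
{
    va_list ap, ap2;
    va_start(ap, fmt);
    va_copy(ap2, ap);                     /* second pass needs its own list */
    int n = vsnprintf(NULL, 0, fmt, ap);  /* length without the terminator */
    va_end(ap);
    char *buf = n < 0 ? NULL : malloc((size_t)n + 1);
    if (buf != NULL)
        vsnprintf(buf, (size_t)n + 1, fmt, ap2);
    va_end(ap2);
    if (buf == NULL)
        return -1;                        /* previous message is kept */
    free(ctx->first_error_dyn);
    ctx->first_error_dyn = buf;
    return 0;
}

int main(void)
{
    static char msg[2001];                /* constructed 2000-byte message */
    memset(msg, 'x', sizeof msg - 1);
    struct err_ctx ctx = {0};
    int cut = set_first_error_fixed(&ctx, msg);
    int rc = set_first_error_dyn(&ctx, "%s", msg);
    printf("fixed: truncated=%d len=%zu\n", cut, strlen(ctx.first_error_fixed));
    printf("dyn:   rc=%d len=%zu\n", rc, rc ? (size_t)0 : strlen(ctx.first_error_dyn));
    free(ctx.first_error_dyn);
    return 0;
}
```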