On Fri, 2021-07-09 at 16:17 +0200, Alejandro Colomar (man-pages) via
Gcc-help wrote:
> Hi Jonny, Segher,
>
> On 7/9/21 3:54 PM, Jonny Grant wrote:
> > Yes, this could work. But it does rely on programmer typing it like
> > that every time... Maybe an inline function better.
>
> I agree on that.
>
> >
> > inline size_t safestrlen(const char * s) {return s?strlen(s) : 0}
> >
> > Perhaps there are too many email addresses on this cc list now.
I think the discussion at least has nothing to do with linux-man or gcc-
help: man pages just describe the existing API (C or POSIX or Linux
specific), and GCC just compiles code and doesn't care what the API is.
Neither is a place to discuss "how to design an API".
And I think Jonny should discuss the API design with the users of his
API (maybe his collegue or downstream developers), instead of some
random guys in mail list. The users are the ones who will call his
function anyway so it's better to choose an API they like. Yes, Jonny
can "force" the users to do something for safety, but this decision
should also be discussed with them and documented. Or they won't
understand the decision, and may "invent" or "improvise" some "new
wheels", breaking Jonny's design.
For example, I don't like a function silently treats NULL as an empty
string. I prefer a function to abort() or print a log "strlen_checked()
is called with NULL, there is a bug in your code" when I (mis)use NULL.
But it's just my 2 cents: if the potential users of the API agree the
function to act as that, then it's good to go.
--
Xi Ruoyao <xry111@xxxxxxxxxxxxxxxx>
School of Aerospace Science and Technology, Xidian University
