On Tue, Aug 26, 2014 at 3:02 PM, David Woodhouse <dwmw2 at infradead.org> wrote: > I'm not sure about "simpler"; it's a question of *where* we put the > simplicity, and where we put the burden. > The openconnect_strdup() approach puts the burden on the caller to > remember to do it for all strings which are passed in to libopenconnect. > Callers are likely to forget and that leads to hard-to-diagnose bugs. > On the other hand, if we do a single run through all the entry points, > mostly in library.c, which take strings from outside the application > that's mostly a one-off and should isolate us from that class of bug for > ever more. I think that's too much of a complexity, for such an issue. That could also very easily break in a rewrite of internal part of libopenconnect and would result in hard to find issues. Would it make sense to introduce new entry functions that will simply allocate the data they need? That would solve the issue, and will not require tracking each and every variable used internally. regards, Nikos