GNOME Bugzilla – Bug 618201
Initialize return value when a callback throws
Last modified: 2010-05-13 14:13:31 UTC
If a callback throws an exception (or argument conversion fails), we still need to return something to C. Currently the return value is left uninitialized, and is junk memory. Initialize the return value to 0/0.0/NULL depending on the type. This might be an invalid return value or cause the caller to segfault in certain cases, but we can't really do better.
Created attachment 160671 [details] [review] Initialize return value when a callback throws
Review of attachment 160671 [details] [review]:

::: gi/arg.c
@@ +1130,3 @@
+ * is. It basically boils down to memset(arg, 0, sizeof(*arg)), but
+ * to return something to C. This function defines what that something
+/* If a callback function with a return value throws, we still have

Is there a reason for this over just memset (arg, 0, sizeof(*arg)) ?
(In reply to comment #2)
> Review of attachment 160671 [details] [review]:
>
> ::: gi/arg.c
> @@ +1130,3 @@
> + * is. It basically boils down to memset(arg, 0, sizeof(*arg)), but
> + * to return something to C. This function defines what that something
> +/* If a callback function with a return value throws, we still have
>
> Is there a reason for this over just memset (arg, 0, sizeof(*arg)) ?

Doesn't the comment go on to explain that?

A) I don't completely trust libffi to always provide a sizeof(GArgument) return buffer if the return value is smaller. I don't think it's documented to do that, though reading the x86 implementation it does look like it.

B) Having all the cases would theoretically give us the ability to return something other than bitwise zero if appropriate. E.g., to return an empty hash table. (Not having allow-none for return annotations makes it a bit hard to know if we ever would want to do that.)
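The trade-off raised in point A) above, as an added example that is not gjs code: with a constructed union standing in for GArgument (its shape is an assumption), the per-type initialiser writes only the member for the declared return type, while memset(arg, 0, sizeof(*arg)) writes the full union size, which is the difference that matters if the return buffer libffi hands over is smaller than sizeof(GArgument).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for GArgument (assumed shape, not the real type). */
typedef union { int32_t v_int32; int64_t v_int64; double v_double; void *v_pointer; } Arg;

typedef enum { TAG_INT32, TAG_INT64, TAG_DOUBLE, TAG_POINTER } Tag;

/* Per-type default (0, 0.0 or NULL): writes only the member the C caller
 * will read for this return type. */
void arg_init_default(Arg *arg, Tag tag)
{
    switch (tag) {
    case TAG_INT32:   arg->v_int32   = 0;    break;
    case TAG_INT64:   arg->v_int64   = 0;    break;
    case TAG_DOUBLE:  arg->v_double  = 0.0;  break;
    case TAG_POINTER: arg->v_pointer = NULL; break;
    }
}

/* Overlay for inspecting raw bytes; pre-filled with 0xAA so every byte an
 * initialiser writes shows up as a change. */
typedef union { Arg arg; unsigned char raw[sizeof(Arg)]; } Probe;

static size_t count_changed(const Probe *p)
{
    size_t n = 0;
    for (size_t i = 0; i < sizeof p->raw; i++)
        n += (p->raw[i] != 0xAA);
    return n;
}

/* Bytes written by the typed initialiser for a given return type. */
size_t bytes_touched_by_typed_init(Tag tag)
{
    Probe p; memset(p.raw, 0xAA, sizeof p.raw);
    arg_init_default(&p.arg, tag);
    return count_changed(&p);
}

/* Bytes written by the memset(arg, 0, sizeof(*arg)) alternative. */
size_t bytes_touched_by_memset(void)
{
    Probe p; memset(p.raw, 0xAA, sizeof p.raw);
    memset(&p.arg, 0, sizeof p.arg);
    return count_changed(&p);
}
```

Both approaches leave the selected member reading as zero; they differ only in how many bytes of the buffer behind the pointer they write.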
Review of attachment 160671 [details] [review]: Ok, makes sense, thanks!
Attachment 160671 [details] pushed as d3983b6 - Initialize return value when a callback throws