Clarify functions should check for NULL pointers in documentation
May I politely make a documentation suggestion?
- https://developer.gnome.org/documentation/guidelines/programming/writing-good-code.html
- https://gitlab.gnome.org/GNOME/gtk/-/blob/main/docs/CODING-STYLE.md
- ...
Current behavior
Writing Good Code says "Users also appreciate correct code, since nobody likes software that crashes". Could this be expanded to clarify that functions expecting a valid non-NULL pointer should check for NULL before dereferencing?
We all know NULL is a special case that functions may return to indicate there is no object at this pointer. I feel it's important to check for it in functions that require a valid pointer.
Note, checking for NULL is different from use-after-free bugs (that is, someone passing a pointer that seems valid, due to a programming error, but was actually released back to the heap).
Expected outcome
Please consider updating the Writing Good Code page to clarify that functions should check that parameters are valid pointers. Those functions could return an error code if they don't have the valid pointer they expect. This is a defensive programming approach.
It avoids things like the crash in disk manager. Even with a coredump backtrace it hasn't been fixed, and users are punished. It would be better if the program just carried on after displaying a polite failure message to the user.
The GTK coding style has one NULL check example; it could be enhanced to show some example functions in, say, GLib that do check pointers for non-NULL before dereferencing.
Version information
It's the 11 March 2023 online documentation (today's website).
Additional information
There are lots of coding standards about avoiding dereferencing NULL pointers:
- CERT Secure Coding rule MSC06-C
- CERT C Coding Standard EXP34-C. Do not dereference null pointers
Please let me know if any further information is required.
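As an added example (not code from the GNOME documentation, GTK or GLib), here is what the defensive pattern described in the report looks like in plain C: a lookup function that legitimately returns NULL to mean "no such object", and a consumer that validates its required pointer parameters and returns a status code instead of crashing. The `RETURN_VAL_IF_FAIL` macro is a local stand-in written for this example in the spirit of GLib's `g_return_val_if_fail()`, not GLib's macro; `item`, `item_find`, `item_describe` and the sample inventory are invented for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Status codes returned to the caller instead of crashing on a bad pointer. */
typedef enum {
    ITEM_OK = 0,
    ITEM_ERR_NULL_ARG,   /* a required pointer argument was NULL */
    ITEM_ERR_TOO_SMALL   /* the caller's buffer cannot hold the result */
} item_status;

/* Local precondition macro in the spirit of GLib's g_return_val_if_fail():
 * report the violated condition on stderr, then return `val` to the caller.
 * This is a stand-alone reimplementation for this example, not GLib's macro.
 * Note: it only detects NULL. A dangling pointer to freed memory passes this
 * check, which is why the report separates NULL checks from use-after-free. */
#define RETURN_VAL_IF_FAIL(cond, val)                                 \
    do {                                                              \
        if (!(cond)) {                                                \
            fprintf(stderr, "%s: precondition `%s' failed\n",         \
                    __func__, #cond);                                 \
            return (val);                                             \
        }                                                             \
    } while (0)

typedef struct {
    const char *name;
    int         quantity;
} item;

/* Looks up an item by name in a NULL-terminated array of item pointers.
 * Returns NULL when nothing matches: here NULL is a legitimate "no object"
 * result, which is exactly why callers must check it before dereferencing. */
const item *item_find(const item *const *items, const char *name)
{
    RETURN_VAL_IF_FAIL(items != NULL, NULL);
    RETURN_VAL_IF_FAIL(name != NULL, NULL);

    for (size_t i = 0; items[i] != NULL; i++) {
        if (strcmp(items[i]->name, name) == 0)
            return items[i];
    }
    return NULL;
}

/* Unchecked version: dereferences `it` unconditionally, so feeding it the
 * NULL that item_find() returns for a missing item crashes the program. */
int item_quantity_unchecked(const item *it)
{
    return it->quantity;
}

/* Defensive version: validates every required pointer first and reports a
 * problem through a status code instead of a segfault. `out_quantity` is
 * required; `out_name` is optional, so NULL is allowed there and is treated
 * as "skip", not as a precondition violation. */
item_status item_describe(const item *it, int *out_quantity,
                          char *out_name, size_t out_name_len)
{
    RETURN_VAL_IF_FAIL(it != NULL, ITEM_ERR_NULL_ARG);
    RETURN_VAL_IF_FAIL(out_quantity != NULL, ITEM_ERR_NULL_ARG);

    *out_quantity = it->quantity;

    if (out_name != NULL) {
        size_t need = strlen(it->name) + 1;
        if (need > out_name_len)
            return ITEM_ERR_TOO_SMALL;
        memcpy(out_name, it->name, need);
    }
    return ITEM_OK;
}

int main(void)
{
    /* Constructed sample data for the demonstration. */
    static const item apple = { "apple", 3 };
    static const item pear  = { "pear", 5 };
    static const item *const inventory[] = { &apple, &pear, NULL };

    int qty = 0;
    char name[16];

    /* Present item: both the checked and the unchecked accessor work. */
    const item *found = item_find(inventory, "pear");
    item_status st = item_describe(found, &qty, name, sizeof name);
    printf("pear: status=%d qty=%d unchecked=%d\n", st, qty,
           item_quantity_unchecked(found));

    /* Missing item: item_find() returns NULL. The checked version reports an
     * error and the program carries on. item_quantity_unchecked(missing)
     * would dereference NULL and crash, so it is deliberately not called. */
    const item *missing = item_find(inventory, "plum");
    st = item_describe(missing, &qty, name, sizeof name);
    printf("plum: status=%d (%s)\n", st,
           st == ITEM_ERR_NULL_ARG ? "no such item, continuing" : "unexpected");
    return 0;
}
```

The point the example makes is the distinction the report draws: NULL as a legitimate "no object" return value (from `item_find`) versus NULL as a precondition violation (a required argument to `item_describe`), with the check placed in the function that requires the valid pointer so a caller's mistake becomes a logged error rather than a crash. As the report notes, this does not catch use-after-free, since a dangling pointer is non-NULL and passes the check.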