<p>On 16/08/01 11:06, Denis Charmet wrote:</p>
<blockquote style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;color:#500050">
<pre><code>+char* vlc_stream_CreateFragmentedMRL( stream_t* s, char const * fragment )
+{
+ stream_priv_t *priv = (stream_priv_t*)s;
+
+ size_t offset = priv->fragments.offset;
+ char** data = priv->fragments.data;
+ char* mrl_cache = data[offset - 1];
+
+ char* payload;
+ char* result;
+
+ if( PrepareFragment( &payload, fragment, offset ) )
You might want to make sure that fragment is not NULL else there will be a segfault in
EscapeFragment.</code></pre>
</blockquote>
<p>I’d argue that the responsibility to not pass <code>NULL</code> as the value for the relevant parameter lies with the caller, not the underlying implementation.</p>
<p>In my opinion this certainly is one of those functions where passing <code>NULL</code> does not make a lot of sense philosophical speaking, and I am semi-against adding checks that simply protects something from invalid usage (instead of explicitly saying that such usage is ill-formed/undefined).</p>
<p>Nonetheless, I’d be happy to sprinkle a few <code>assert</code>s related to arguments passed, and update the documentation to make it more explicit about the pre-conditions of using this (and other introduced) function(s).</p>
<ul>
<li>Do you think that is a suitable middle ground?</li>
</ul>