krb5 commit [krb5-1.10]: Avoid side effects in assert expressions

Tom Yu tlyu at MIT.EDU
Fri Jan 11 15:32:13 EST 2013 

https://github.com/krb5/krb5/commit/4a5475fe5969a529e4bc9892dc2f7e17c0b6d685
commit 4a5475fe5969a529e4bc9892dc2f7e17c0b6d685
Author: Greg Hudson <ghudson at mit.edu>
Date:   Fri Mar 9 18:30:31 2012 +0000

    Avoid side effects in assert expressions
    
    asserts may be compiled out with -DNDEBUG, so it's wrong to use an
    assert expression with an important side effect.
    
    (We also have scores of side-effecting asserts in test programs, but
    those are less important and can be dealt with separately.)
    
    (cherry picked from commit 221cd4a23691601a14500bc00146c265b50bdc94)
    
    ticket: 7542 (new)
    version_fixed: 1.10.4
    status: resolved

 src/lib/apputils/net-server.c |    5 ++++-
 src/lib/crypto/krb/cf2.c      |    3 ++-
 src/util/et/com_err.c         |   12 ++++++++----
 3 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c
index 43be27c..ba4d216 100644
--- a/src/lib/apputils/net-server.c
+++ b/src/lib/apputils/net-server.c
@@ -1103,7 +1103,10 @@ static void
 do_network_reconfig(verto_ctx *ctx, verto_ev *ev)
 {
     struct connection *conn = verto_get_private(ev);
-    assert(loop_setup_network(ctx, conn->handle, conn->prog) == 0);
+    if (loop_setup_network(ctx, conn->handle, conn->prog) != 0) {
+        krb5_klog_syslog(LOG_ERR, _("Failed to reconfigure network, exiting"));
+        verto_break(ctx);
+    }
 }
 
 static int
diff --git a/src/lib/crypto/krb/cf2.c b/src/lib/crypto/krb/cf2.c
index 5f82d62..7334ed1 100644
--- a/src/lib/crypto/krb/cf2.c
+++ b/src/lib/crypto/krb/cf2.c
@@ -107,7 +107,8 @@ krb5_c_fx_cf2_simple(krb5_context context,
         return KRB5_BAD_ENCTYPE;
     out_enctype_num = k1->enctype;
     assert(out != NULL);
-    assert((out_enctype = find_enctype(out_enctype_num)) != NULL);
+    out_enctype = find_enctype(out_enctype_num);
+    assert(out_enctype != NULL);
     if (out_enctype->prf == NULL) {
         if (context)
             krb5int_set_error(&(context->err), KRB5_CRYPTO_INTERNAL,
diff --git a/src/util/et/com_err.c b/src/util/et/com_err.c
index aaba897..96922ec 100644
--- a/src/util/et/com_err.c
+++ b/src/util/et/com_err.c
@@ -154,8 +154,10 @@ et_old_error_hook_func set_com_err_hook (et_old_error_hook_func new_proc)
     et_old_error_hook_func x;
 
     /* Broken initialization?  What can we do?  */
-    assert(com_err_finish_init() == 0);
-    assert(com_err_lock_hook_handle() == 0);
+    if (com_err_finish_init() != 0)
+        abort();
+    if (com_err_lock_hook_handle() != 0)
+        abort();
     x = com_err_hook;
     com_err_hook = new_proc;
     k5_mutex_unlock(&com_err_hook_lock);
@@ -167,8 +169,10 @@ et_old_error_hook_func reset_com_err_hook ()
     et_old_error_hook_func x;
 
     /* Broken initialization?  What can we do?  */
-    assert(com_err_finish_init() == 0);
-    assert(com_err_lock_hook_handle() == 0);
+    if (com_err_finish_init() != 0)
+        abort();
+    if (com_err_lock_hook_handle() != 0)
+        abort();
     x = com_err_hook;
     com_err_hook = NULL;
     k5_mutex_unlock(&com_err_hook_lock);

More information about the cvs-krb5 mailing list