This modifies filter_get() to return NULL if an invalid filter number
is given, rather than aborting the process. This way applications
can loop over all filters without having to include filter_cmd.lsg.h.
filter_name(), which also receives a filter number, has no such
sanity check and could possibly access uninitialized memory if an
invalid argument was passed. This commit adds the check and makes the
function return NULL in this case, just like filter_get(). Moreover,
the function lacked documentation, so let's add it now.
*
* \param filter_num Between zero and NUM_SUPPORTED_FILTERS, inclusively.
*
*
* \param filter_num Between zero and NUM_SUPPORTED_FILTERS, inclusively.
*
- * \return Pointer to the filter identified by the given filter number.
+ * \return Pointer to the filter identified by the given filter number, or
+ * NULL if the filter number is out of range.
- * It is a fatal error if the given number is out of range. In this case
- * the function aborts.
*/
const struct filter *filter_get(int filter_num)
{
*/
const struct filter *filter_get(int filter_num)
{
- assert(filter_num >= 1);
- assert(filter_num <= LSG_NUM_FILTER_CMD_SUBCOMMANDS);
+ if (filter_num < 1 || filter_num > LSG_NUM_FILTER_CMD_SUBCOMMANDS)
+ return NULL;
return lls_user_data(FILTER_CMD(filter_num));
}
return lls_user_data(FILTER_CMD(filter_num));
}
return lls_user_data(FILTER_CMD(filter_num));
}
return lls_user_data(FILTER_CMD(filter_num));
}
+/**
+ * Return the name of a filter, given its number.
+ *
+ * \param filter_num See \ref filter_get().
+ *
+ * \return A pointer to a string literal, or NULL if filter_num is out of
+ * range. The caller must not attempt to call free(3) on the returned pointer.
+ */
const char *filter_name(int filter_num)
{
const char *filter_name(int filter_num)
{
+ if (filter_num < 1 || filter_num > LSG_NUM_FILTER_CMD_SUBCOMMANDS)
+ return NULL;
return lls_command_name(FILTER_CMD(filter_num));
}
return lls_command_name(FILTER_CMD(filter_num));
}