Comment by cperciva
8 years ago
Even a >= check would have been suboptimal. Rather than
/* generated code */
if ( ++p == pe )
goto _test_eof;
or
/* generated code */
if ( ++p >= pe )
goto _test_eof;
they should have had
/* generated code */
if ( ++p == pe )
goto _test_eof;
assert(p < pe);
since having servers core dumping would have drawn attention to the bug in a way that counting one byte too many and then hitting _test_eof would not.
Some assert() macros are disabled on release builds, so that's not exactly safe either.
True, but I'd hope that NDEBUG is now widely recognized as being a horrible misfeature.
Yes, hate, hate NDEBUG. Such a terrible idea to disable assertions.