Improve handling of invalid input in dlls/comctl32/datetime.c

[Nikolay Sivov]

On 12/26/2009 00:04, James McKenzie wrote:
> Nikolay Sivov wrote:
>    
>> On 12/25/2009 14:18, Gerald Pfeifer wrote:
>>      
>>> Otherwise max_count will be undefined in the following loop may do
>>> interesting things it seems.  (Does Coverity diagnose similar items?)
>>>
>>> Gerald
>>>
>>> ChangeLog:
>>> Improve handling of invalid input in DATETIME_ReturnFieldWidth.
>>>
>>> diff --git a/dlls/comctl32/datetime.c b/dlls/comctl32/datetime.c
>>> index c240d4f..08c7082 100644
>>> --- a/dlls/comctl32/datetime.c
>>> +++ b/dlls/comctl32/datetime.c
>>> @@ -38,6 +38,7 @@
>>>     *    -- FORMATCALLBACK
>>>     */
>>>
>>> +#include<assert.h>
>>>    #include<math.h>
>>>    #include<string.h>
>>>    #include<stdarg.h>
>>> @@ -619,6 +620,9 @@ DATETIME_ReturnFieldWidth (const DATETIME_INFO
>>> *infoPtr, HDC hdc, int count, SHO
>>>                lctype = LOCALE_SMONTHNAME1;
>>>                max_count = 12;
>>>                break;
>>> +        default:
>>> +            assert(0);
>>> +            max_count=0;
>>>            }
>>>
>>>            cx = 0;
>>>
>>>        
>> Hi, Gerald.
>>
>> This can't even happen. spec if filtered later with:
>> ---
>>          case THREECHARMONTH:
>>          case FULLMONTH:
>>          case THREECHARDAY:
>>          case FULLDAY:
>> ---
>> So no default case here.
>>
>>      
> Even if the default case cannot be reached, it is not a 'bad thing' to
> have one, even if it is an error message stating "Something went wrong,
> we should not get here" with an exit code...
>    
Why? There's no default case, treat is as 'if () {} else if () {} etc.'.
It's the same thing to have explicit initializers for all local 
variables even if I don't use it before
set some value. It's a pollution, especially if used to silence analyzer 
warnings.
> James McKenzie
>