Michael Paquier <michael.paquier@gmail.com> writes:
> And with an actual patch things are better.
Working through this patch, it suddenly strikes me that we are going
about fixing the callers of simple_prompt the wrong way. The existing
definition with returning a malloc'd string creates a hazard of malloc
failure, and it *also* creates a hazard of not remembering to free the
result. Moreover, there are almost no callers that want a max result
longer than ~100 bytes. Seems like it would be a whole lot easier all
around to make the caller supply the buffer, ie typical call would be
roughly
char buf[100];
simple_prompt("Password: ", buf, sizeof(buf), false);
Callers that want to deal with a malloc'd buffer (all one of them, looks
like) can do it themselves, for basically only one more line than is
needed now.
regards, tom lane