Silent errors, can terminate application #516
Description
include/rfl/avro/Writer.hpp
Comment on lines +137 to +140
int result = avro_value_append(&parent->val, &new_value, nullptr);
if (result != 0) {
return OutputVarType{parent->val};
}
@gemini-code-assist gemini-code-assist bot 2 hours ago
critical
The error handling for avro_value_append appears to be incorrect. When result != 0, an error has occurred, but the function returns OutputVarType{parent->val}. This returns the parent container as if it were the newly added value, which is misleading and can lead to silent data corruption. The caller has no way of knowing that the append operation failed because the function is marked noexcept.
This pattern is repeated in add_value_to_map, add_value_to_object, and add_value_to_union.
A noexcept function that encounters an error it cannot handle should either terminate (e.g., std::terminate()) or have a mechanism to signal the error state to the caller without exceptions. Simply returning an incorrect value silently is dangerous.
Consider changing the write pipeline to propagate errors, perhaps by removing noexcept and returning a rfl::Result. If noexcept must be preserved, the Writer could maintain an internal error state that can be checked after the write operation is complete