Originally published by Robert Beisert at fortcollinsprogram.robert-beisert.com

Bad Practice: ASSERT()

During my recent experimentation with the OpenSSL API, I have run across this style of error handling:

[code language=”c”]

char * astring = set_value();

ssl_err = ERR_get_error();


ASSERT(NULL != astring);

if(!(NULL != astring))


print_error_string(ssl_err, "Error initializing astring");





I have come to understand that the ASSERT() function is a test which breaks out of the program on failure. This means that in the example code openssl-bio-fetch.c, we have dozens of possible escape cases within the code, none of which we actually deal with. Functionally, this resembles dozens of separate programs compiled out of the same source, where the decision between programs is determined by each possible error case.


The better solution, which I will discuss in a later post, is the “if-else” chain, which allows us to both test for errors and clean up specifically after each error.