This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/21531] fclose with NULL is SEGV should set errno EFAULT or EBADF
- From: "joseph at codesourcery dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 01 Jun 2017 15:31:28 +0000
- Subject: [Bug libc/21531] fclose with NULL is SEGV should set errno EFAULT or EBADF
- Auto-submitted: auto-generated
- References: <bug-21531-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=21531
--- Comment #5 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
The glibc rule is that "If it's user code invoking undefined behavior,
then it should fail early and catastrophically". Thus NULL checks, where
NULL is undefined behavior, should be avoided; an unconditional
dereference is preferred (and if for any reason there is a check because
there isn't an immediate unconditional dereference, such a check should
call assert () and terminate the program).
https://sourceware.org/glibc/wiki/Style_and_Conventions#Bugs_in_the_user_program
https://sourceware.org/glibc/wiki/Style_and_Conventions#Invalid_pointers
The *_s functions are poorly designed (even for retrofitting existing
low-quality code) and Annex K has been specifically rejected for glibc.
--
You are receiving this mail because:
You are on the CC list for the bug.