This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/21531] fclose with NULL is SEGV should set errno EFAULT or EBADF

From: "joseph at codesourcery dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Thu, 01 Jun 2017 15:31:28 +0000
Subject: [Bug libc/21531] fclose with NULL is SEGV should set errno EFAULT or EBADF
Auto-submitted: auto-generated
References: <bug-21531-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=21531

--- Comment #5 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
The glibc rule is that "If it's user code invoking undefined behavior, 
then it should fail early and catastrophically".  Thus NULL checks, where 
NULL is undefined behavior, should be avoided; an unconditional 
dereference is preferred (and if for any reason there is a check because 
there isn't an immediate unconditional dereference, such a check should 
call assert () and terminate the program).

https://sourceware.org/glibc/wiki/Style_and_Conventions#Bugs_in_the_user_program
https://sourceware.org/glibc/wiki/Style_and_Conventions#Invalid_pointers

The *_s functions are poorly designed (even for retrofitting existing 
low-quality code) and Annex K has been specifically rejected for glibc.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]