This is the mail archive of the newlib@sources.redhat.com mailing list for the newlib project.
RE: NULL guards for string functions
- From: "Karsten Fleischer" <K dot Fleischer at omnium dot de>
- To: <newlib at sourceware dot org>
- Cc: <newlib at sources dot redhat dot com>
- Date: Tue, 19 Aug 2003 01:22:04 +0200
- Subject: RE: NULL guards for string functions
- Organization: Omnium Software Engineering
> >According to C89/C99, "If an argument to a function has an invalid value
> >(such as a value outside the domain of the function, or a pointer outside
> >the address space of the program, or a null pointer, or a pointer to
> >non-modifiable storage when the corresponding parameter is not
> >const-qualified) or a type (after promotion) not expected by a function
> >with variable number of arguments, the behavior is undefined."
That's what I suspected. I always fail to find that kind of sentence in
this huge C99 pdf file.
> >What this means is that the kernel should not be passing a NULL pointer
> >to such functions and expecting them to work. As an example, the generic code for
> >glibc string functions does not check for NULL pointers either.
> >
> >It does not make sense to slow down these basic functions to handle a situation
> >that they are not defined to handle.
Depends on the POV.
I prefer to handle such things as NULL pointers in low level routines.
But I don't want to start a discussion here.
> >You should bring this up with the
> >cygwin developers as they can easily wrapper the functions to do automatic
> >NULL checking if it is a prevalent problem or else they can add checks
> >in specific pieces of code you have noted failures.
I was unsure if this was a cygwin or a newlib issue and I took the wrong
direction.
Sorry for the noise.
> Cygwin already has NULL-check guards on many functions. Apparently we
> missed mount. As Jeff mentioned, it makes no sense to slow down string
> operations this way.
OK. I am not aware of other cygwin calls that do not check for NULL
currently.
Of course, it was also not correct to call mount() with NULL args.
Karsten
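The approach the thread settles on (guard the API entry point, leave the string routines unguarded) can be sketched as follows. This is an added example, not code from newlib, Cygwin, or anyone in the thread; `checked_mount`, `mount_unchecked`, `DEMO_PATH_MAX`, the table and the chosen errno values are all hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define DEMO_PATH_MAX 260            /* constructed limit for this example */

struct demo_entry { char dev[DEMO_PATH_MAX]; char dir[DEMO_PATH_MAX]; };
static struct demo_entry demo_table; /* hypothetical one-slot mount table */

/* Length of s, capped: returns DEMO_PATH_MAX when no terminator is in range. */
static size_t bounded_len(const char *s)
{
    size_t n = 0;
    while (n < DEMO_PATH_MAX && s[n] != '\0')
        n++;
    return n;
}

/* Inner routine: only reached with validated arguments, so it calls the
 * plain string functions with no NULL or length checks of its own. */
static int mount_unchecked(const char *dev, const char *dir)
{
    strcpy(demo_table.dev, dev);
    strcpy(demo_table.dir, dir);
    return 0;
}

/* Entry point: rejects invalid arguments before any string function,
 * which has undefined behaviour on NULL, can see them. */
int checked_mount(const char *dev, const char *dir)
{
    if (dev == NULL || dir == NULL) {
        errno = EFAULT;              /* error code is this example's choice */
        return -1;
    }
    if (*dev == '\0' || *dir == '\0') {
        errno = ENOENT;
        return -1;
    }
    if (bounded_len(dev) == DEMO_PATH_MAX || bounded_len(dir) == DEMO_PATH_MAX) {
        errno = ENAMETOOLONG;        /* would overflow the table entry */
        return -1;
    }
    return mount_unchecked(dev, dir);
}

int main(void)
{
    /* NULL argument must be refused, not passed on to strcpy(). */
    return checked_mount(NULL, "/mnt") == -1 ? 0 : 1;
}
```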