This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.



Re: seekdir dereferences null


Howland Craig D (Craig <howland <at> LGSInnovations.com> writes:

> > Another bug picked up by the RTEMS test suite.
> >
> > seekdir(NULL, 0) core dumps.

Where do the standards mandate that this is required to be supported?  Aren't 
you just adding bloat?  This is no different than calling strlen(NULL), and 
expecting a sensible result - the bug is in the RTEMS test suite for not 
passing a valid DIR* in the first place, and not in newlib for crashing on 
invalid input - garbage in, garbage out.  I also think the idea of returning EBADF 
is wrong here - a NULL DIR* should trigger EFAULT (bad pointer), not EBADF 
(good pointer, but to an unopened or otherwise bad DIR stream).

In other words, since a valid program should never be passing NULL in the first 
place, this proposed patch is just bloating things for the single case of NULL, 
without helping for the more generic QoI issue of detecting _all_ invalid 
pointers.  The best solution, if you are going for QoI, is the much bigger task 
of figuring out how to write a SIGBUS/SIGSEGV handler that decides whether the 
fault occurred inside a newlib function, in which case execution is resumed 
with that library function failing with EFAULT (cygwin has managed to do 
something like this), at which point filtering out for just NULL actually slows 
things down (it is more efficient to let a signal/exception handler deal with 
the corner case of bad code than to add a branch to the common case of good 
code).

-- 
Eric Blake
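
The recovery flow the message describes (catch the fault, resume with the library call failing with EFAULT), sketched as an added example that is not part of the original post and is not newlib or Cygwin code. `struct demo_dir`, `demo_seekdir` and `install_fault_guard` are hypothetical names; the sketch assumes a POSIX host and uses sigsetjmp/siglongjmp as a stand-in mechanism.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>

/* Hypothetical stand-in for a DIR; only the field a seekdir would touch. */
struct demo_dir { long dd_loc; };

static sigjmp_buf fault_env;
static volatile sig_atomic_t in_guarded_call;

/* Fault inside a guarded library call: unwind back into that call.
 * Any other fault: restore the default action and return, so the
 * retried access terminates the process as it normally would. */
static void on_fault(int sig)
{
    if (in_guarded_call)
        siglongjmp(fault_env, 1);
    signal(sig, SIG_DFL);
}

/* Install once at start-up. SA_NODEFER keeps the signal unblocked after
 * we jump out of the handler, so sigsetjmp need not save the mask. */
void install_fault_guard(void)
{
    struct sigaction sa;
    sa.sa_handler = on_fault;
    sa.sa_flags = SA_NODEFER;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, NULL);
    sigaction(SIGBUS, &sa, NULL);
}

/* seekdir-like call with no NULL test on the good path.
 * Returns 0 on success, -1 with errno = EFAULT if dirp was unwritable. */
int demo_seekdir(struct demo_dir *dirp, long loc)
{
    struct demo_dir *volatile p = dirp;  /* no compiler assumptions about p */

    if (sigsetjmp(fault_env, 0)) {       /* reached only via siglongjmp */
        in_guarded_call = 0;
        errno = EFAULT;
        return -1;
    }
    in_guarded_call = 1;
    p->dd_loc = loc;                     /* faults here for a bad pointer */
    in_guarded_call = 0;
    return 0;
}
```

The guard catches any unmapped pointer, not only NULL, which is the generic case the message argues for. The sigsetjmp save is still work on the good path and the single global jump buffer is not thread-safe; the sketch shows the recovery control flow only.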


