This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.



RE: Re: seekdir dereferences null


> -----Original Message-----
> From: newlib-owner@sourceware.org 
> [mailto:newlib-owner@sourceware.org] On Behalf Of Eric Blake
> Sent: Thursday, December 04, 2008 18:27
> To: newlib@sources.redhat.com
> Subject: Re: seekdir dereferences null

> Where do the standards mandate that this is required to be 
> supported?  Aren't 
> you just adding bloat?  This is no different than calling 
> strlen(NULL), and 
> expecting a sensible result - the bug is in the RTEMS test 
> suite for not 
> passing a valid DIR* in the first place, and not in newlib 
> for crashing on 
> invalid input - garbage in, garbage out.  I also think the idea 
> of returning EBADF 
> is wrong here - a NULL DIR* should trigger EFAULT (bad 
> pointer), not EBADF 
> (good pointer, but to an unopened or otherwise bad DIR stream).

I fully support this position. I checked the POSIX document 
yesterday, and it indeed does not say anything about a NULL DIR*,
but was ultimately too lazy to write out against this.
Eric's post has prodded me to post after all.

The majority of processors newlib runs on have an MMU or at least
memory protection unit (MPU) support, or can emulate one using
the built-in debug unit.  This is a much firmer basis
for handling illegal memory dereferences.  Newlib should not be
bloated with more-or-less arbitrary checks.

Furthermore, I agree that EFAULT is the canonical errno value
for this case.

Regards,

Konrad Schwarz
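As an added illustration (not code from this thread or from newlib) of the contract both posts defend: the caller is responsible for holding a valid DIR*, and a NULL pointer, if anyone checks it at all, is a bad pointer (EFAULT) rather than a bad stream (EBADF). The wrapper `checked_seekdir` and the helper `count_from_first_entry` are hypothetical names chosen for this example; POSIX `seekdir()` itself returns void.

```c
#include <dirent.h>
#include <errno.h>
#include <stddef.h>

/* Hypothetical caller-side wrapper (not newlib's seekdir): a NULL DIR*
 * is reported as a pointer fault, EFAULT, exactly as argued above;
 * everything else is forwarded to the real seekdir(). */
int checked_seekdir(DIR *dirp, long loc)
{
    if (dirp == NULL) {
        errno = EFAULT;   /* bad pointer, not an unopened-but-valid stream */
        return -1;
    }
    seekdir(dirp, loc);
    return 0;
}

/* Open a directory, read one entry, remember the position with telldir(),
 * read to the end, seek back, and return how many entries follow the first.
 * Returns -1 with errno set if the directory cannot be opened; the opendir()
 * check is the step the test suite in the thread was said to skip. */
long count_from_first_entry(const char *path)
{
    DIR *dirp = opendir(path);
    if (dirp == NULL)
        return -1;                    /* errno already set by opendir() */
    if (readdir(dirp) == NULL) {      /* empty directory: nothing to rewind to */
        closedir(dirp);
        return 0;
    }
    long pos = telldir(dirp);         /* position just after the first entry */
    while (readdir(dirp) != NULL) {
        /* consume the rest of the stream once */
    }
    if (checked_seekdir(dirp, pos) != 0) {
        closedir(dirp);
        return -1;
    }
    long n = 0;
    while (readdir(dirp) != NULL)     /* second pass from the saved position */
        n++;
    closedir(dirp);
    return n;
}
```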

