This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] string: Add tests for zero length string inputs


On 09/23/2014 02:57 PM, Richard Earnshaw wrote:
> On 23/09/14 13:41, Florian Weimer wrote:
>> On 09/22/2014 06:09 PM, Richard Earnshaw wrote:
>>> These tests are not testing null pointers, they are testing that when
>>> given a zero length the functions actually read/write zero bytes.
>>> Whether the specification demands that behaviour is arguable but I
>>> believe that it is the most sane behaviour.
>>
>> Valid pointers are more than just non-NULL pointers.  In particular,
>> validity implies that it is safe to dereference the addressed byte in a
>> source operand even when the length parameter is zero.
>
> Valid pointers can also point one element past the end of an array of
> objects.
>
> I don't think such a pointer forms a valid argument for a library
> function though.  See my previous reply to Paul.

They are a fairly common occurrence with the [first, last) iterator ranges in C++. It's common to compute a pointer/length pair {first, last - first} and pass that to C functions, including C library functions.

This pattern is already incorrect in important corner cases (e.g., iterators derived from empty vectors), but do we really have to make the situation even worse?

--
Florian Weimer / Red Hat Product Security
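The {first, last - first} idiom and its empty-vector corner case, as an added example written for this archive page (it is not code from the thread, from glibc, or from either poster). The `Span` type, `span_from_range`, `is_null_zero_length` and `copy_guarded` are hypothetical names chosen here; the sample inputs are constructed. It shows why a pair derived from an empty `std::vector` can hand a null pointer with length 0 to a C function, and a caller-side guard that never forwards an empty range to the C library, so neither a null nor a one-past-the-end pointer reaches memcpy regardless of which reading of the specification the library adopts.

```cpp
#include <cassert>
#include <cstddef>
#include <cstring>
#include <string>
#include <vector>

// A {pointer, length} pair of the kind C++ code derives from a [first, last)
// iterator range before handing it to a C library function. (Hypothetical type.)
struct Span {
    const char *ptr;
    size_t len;
};

// Builds the pair exactly as the common idiom does: {first, last - first}.
// When the range is empty, ptr may be one-past-the-end or even nullptr
// (an empty std::vector is allowed to report data() == nullptr).
Span span_from_range(const char *first, const char *last) {
    return Span{first, static_cast<size_t>(last - first)};
}

// The C standard (C11 7.24.1p2) requires pointer arguments of the string
// functions to be valid even when n == 0, so a {nullptr, 0} pair is already
// undefined behaviour on any conforming implementation. This predicate flags
// that always-wrong shape.
bool is_null_zero_length(const Span &s) {
    return s.ptr == nullptr && s.len == 0;
}

// Hardened caller: never forwards a zero-length range to the C library at
// all, so the pointer in an empty range is never inspected by memcpy.
// Returns the number of bytes copied (0 for an empty range).
size_t copy_guarded(char *dst, size_t dst_cap, const Span &src) {
    if (src.len == 0)
        return 0;                       // empty range: do not touch src.ptr
    assert(src.ptr != nullptr);         // a non-empty range must have storage
    size_t n = src.len < dst_cap ? src.len : dst_cap;
    memcpy(dst, src.ptr, n);
    return n;
}

// Constructed input 1: an empty std::vector, the corner case named in the
// thread. Returns the number of bytes copied, which must be 0 without the
// vector's (possibly null) data() ever reaching memcpy.
size_t empty_vector_case() {
    std::vector<char> v;                           // constructed: empty
    Span s = span_from_range(v.data(), v.data() + v.size());
    char dst[8] = {0};
    return copy_guarded(dst, sizeof dst, s);
}

// Constructed input 2: a non-empty string whose [first, last) range covers
// the whole buffer; returns the copied text so the caller can check it.
std::string full_string_case() {
    const std::string src = "glibc";               // constructed sample
    Span s = span_from_range(src.data(), src.data() + src.size());
    char dst[16] = {0};
    size_t n = copy_guarded(dst, sizeof dst - 1, s);
    return std::string(dst, n);
}

// Constructed input 3: an empty sub-range whose first pointer is
// one-past-the-end of the string; again nothing must be read through it.
size_t one_past_end_case() {
    const std::string src = "glibc";               // constructed sample
    const char *end = src.data() + src.size();     // one-past-the-end
    Span s = span_from_range(end, end);
    char dst[8] = {0};
    return copy_guarded(dst, sizeof dst, s);
}

int main() {
    // Stand-alone run: all three cases complete without memcpy ever seeing
    // a null or one-past-the-end pointer.
    return (empty_vector_case() == 0 && full_string_case() == "glibc" &&
            one_past_end_case() == 0) ? 0 : 1;
}
```

The guard belongs on the caller side because the vector case is already undefined behaviour under the C standard's wording: the library may or may not tolerate it, and code that wants to be correct on every implementation should not pass the pair through in the first place.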

