This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] string: Add tests for zero length string inputs

On 22 September 2014 09:09, Richard Earnshaw <> wrote:
> On 19/09/14 18:09, Will Newton wrote:
>> On 19 September 2014 04:23, OndÅej BÃlka <> wrote:
>>> On Tue, Sep 16, 2014 at 04:40:30PM -0700, Will Newton wrote:
>>>> For the string functions that take string lengths as an argument we
>>>> should ensure that no data is read or written if a length of zero is
>>>> specified. Pointers to PROT_NONE memory are used to ensure that any
>>>> reads or writes will cause a fault.
>>> You do not need these. C standard requires arguments to be valid
>>> pointers for most string functions, and they are already marked nonnull
>>> in header.
>>> Just adding size 0 to inputs would suffice.
>> These tests are not testing null pointers, they are testing that when
>> given a zero length the functions actually read/write zero bytes.
>> Whether the specification demands that behaviour is arguable but I
>> believe that it is the most sane behaviour.
> Valid pointers is more than just non-NULL.  In particular, it implies
> that is safe to dereference the addressed byte in a source operand even
> when the length parameter is zero.  Thus testing that no bytes are read
> would be incorrect.

If that is the case then I withdraw the patch. Is that requirement
documented anywhere?

Will Newton
Toolchain Working Group, Linaro

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]