This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH 1/3] posix: Remove dynamic memory allocation from execl{e,p}
- From: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>
- To: Paul Eggert <eggert at cs dot ucla dot edu>, libc-alpha at sourceware dot org
- Date: Fri, 26 Feb 2016 16:40:42 -0300
- References: <1456495001-5298-1-git-send-email-adhemerval dot zanella at linaro dot org> <1456495001-5298-2-git-send-email-adhemerval dot zanella at linaro dot org> <56D09DD3 dot 2050601 at cs dot ucla dot edu>
On 26-02-2016 15:47, Paul Eggert wrote:
> On 02/26/2016 05:56 AM, Adhemerval Zanella wrote:
>> + for (i = 1; i < argc; i++)
>> + argv[i] = va_arg (ap, char *);
>> + argv[i] = NULL;
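Review bot: the `argv[i] = NULL;` store after the loop lands on index argc, so it is in bounds only if argv has at least argc + 1 elements, and that declaration is not visible in these lines. Keep the declaration next to the loop, or add a comment stating that argc excludes the terminating NULL, so the bound can be checked at a glance.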
>
> Change "i < argc" to "i <= argc" and remove the "argv[i] = NULL;", as that's a bit simpler and faster.
I added it to make it explicit; I will change that.
>
>> + int i;
>> + char *argv[argc + 1];
>> + char **envp;
>> + va_start (ap, arg);
>> + argv[0] = (char *) arg;
>> + for (i = 1; i <= argc; i++)
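Review bot: `char *argv[argc + 1];` sizes a stack array from the caller's argument count, and nothing in these lines bounds argc before that declaration; at argc == INT_MAX the expression `argc + 1` itself overflows. Any limit check needs to sit above this declaration so that the array size is already known to be valid when the array is created.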
>
> This sort of thing has undefined behavior on x86-64 if argc == INT_MAX. You can fix this by changing the type of argc and of i from int to ptrdiff_t.
>
Indeed, but afaik this code won't execute if argc == INT_MAX (the argument
sanity check will make the function fail with E2BIG).
>> + if (argc == INT_MAX)
>> {
>> + errno = E2BIG;
>> + return -1;
>> }
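Review bot: the `argc == INT_MAX` test rejects only the case where the counter has saturated, so it depends on the counting loop stopping at INT_MAX, and that loop is not visible here. A comment naming what the check protects (the `argc + 1` array size) would help, since every count below INT_MAX passes this test unchanged.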
>
> Doesn't that have undefined behavior? My impression from C11 is that since the function has called va_start it must call va_end before returning.
>
Yes, I will remove it.
>> + continue;
>> }
>
> That 'continue;' is redundant and should be removed.
I will remove it.
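Added example, not part of this thread or of the glibc patch: a stand-alone sketch of the three points discussed above, namely a ptrdiff_t counter, va_end before the E2BIG return, and a copy loop running to `i <= argc` so it also stores the terminator. The name collect_args, the cap parameter and the caller-supplied array (in place of the patch's stack array) are assumptions made for illustration.

```c
#include <errno.h>
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Copy a NULL-terminated, execl-style variadic list into out[], which
   has cap slots.  Returns the argument count (the NULL excluded), or
   -1 with errno = E2BIG when count + 1 slots are not available.
   collect_args and cap are hypothetical names for this example.  */
static ptrdiff_t
collect_args (char **out, ptrdiff_t cap, const char *arg, ...)
{
  va_list ap;
  ptrdiff_t argc = 0;
  int too_big = 0;

  if (cap < 1)                  /* no room even for the terminator */
    {
      errno = E2BIG;            /* va_start not called yet */
      return -1;
    }
  /* Pass 1: count only, stopping as soon as the list cannot fit.  */
  va_start (ap, arg);
  for (const char *p = arg; p != NULL; p = va_arg (ap, char *))
    if (++argc >= cap)
      {
        too_big = 1;
        break;
      }
  va_end (ap);                  /* closed before any error return */
  if (too_big)
    {
      errno = E2BIG;
      return -1;
    }
  /* Pass 2: i <= argc copies the terminating NULL as well.  */
  va_start (ap, arg);
  out[0] = (char *) arg;
  for (ptrdiff_t i = 1; i <= argc; i++)
    out[i] = va_arg (ap, char *);
  va_end (ap);
  return argc;
}

int
main (void)
{
  char *v[4];                   /* constructed sample: 3 args + NULL */
  ptrdiff_t n = collect_args (v, 4, "ls", "-l", "/tmp", (char *) NULL);
  printf ("argc=%td last=%s\n", n, n > 0 ? v[n - 1] : "(none)");
  return n == 3 ? 0 : 1;
}
```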