NULL guards for string functions

Karsten Fleischer
Wed Aug 20 18:47:00 GMT 2003

> >According to C89/C99, "If an argument to a function has an 
> invalid value
> >(such as a value outside the domain of the function, or a 
> pointer outside
> >the address space of the program, or a null pointer, or a pointer to 
> >non-modifiable storage when the corresponding parameter is not 
> >const-qualified) or a type (after promotion) not expected by 
> a function
> >with variable number of arguments, the behavior is undefined."

That's what I suspected. I always fail to find that kind of sentence in
this huge C99 pdf file.

> >What this means is that the kernel should not be passing a 
> NULL pointer
> >to such functions and expecting them to work.  As an 
> example, the generic code for
> >glibc string functions does not check for NULL pointers either. 
> >
> >It does not make sense to slow down these basic functions to 
> handle a situation
> >that they are not defined to handle.  

Depends on the POV.
I prefer to handle such things as NULL pointers in low level routines.
But I don't want to start a discussion here.

> >You should bring this 
> up with the
> >cygwin developers as they can easily wrapper the functions 
> to do automatic
> >NULL checking if it is a prevalent problem or else they can 
> add checks
> >in specific pieces of code you have noted failures.

I was unsure if this was a cygwin or a newlib issue and I took the wrong
Sorry for the noise.

> Cygwin already has NULL-check guards on many functions.  Apparently we
> missed mount.  As Jeff mentioned, it makes no sense to slow 
> down string
> operations this way.

OK. I not aware of other cygwin calls that do not check for NULL
Of course, it was also not correct to call mount() with NULL args.


More information about the Newlib mailing list