seekdir dereferences null

[Eric Blake]

Howland Craig D (Craig <howland <at> LGSInnovations.com> writes:

> > Another bug picked up by the RTEMS test suite.
> >
> > seekdir(NULL, 0) core dumps.

Where do the standards mandate that this is required to be supported?  Aren't 
you just adding bloat?  This is no different than calling strlen(NULL), and 
expecting a sensible result - the bug is in the RTEMS test suite for not 
passing a valid DIR* in the first place, and not in newlib for crashing on 
invalid input - garbage in, garbage out.  I also think idea of returning EBADF 
is wrong here - a NULL DIR* should trigger EFAULT (bad pointer), not EBADF 
(good pointer, but to an unopened or otherwise bad DIR stream).

In other words, since a valid program should never be passing NULL in the first 
place, this proposed patch is just bloating things for the single case of NULL, 
without helping for the more generic QoI issue of detecting _all_ invalid 
pointers.  The best solution, if you are going for QoI, is the much bigger task 
of figuring out how to write a SIGBUS/SIGSEGV handler that decides whether the 
fault occurred inside a newlib function, in which case execution is resumed 
with that library function failing with EFAULT (cygwin has managed to do 
something like this), at which point filtering out for just NULL actually slows 
things down (it is more efficient to let a signal/exception handler deal with 
the corner case of bad code than to add a branch to the common case of good 
code).

-- 
Eric Blake