Vincent Lefevre wrote, on 10 Sep 2024:
>
> On 2024-09-10 11:45:54 +0100, Jonathan Wakely wrote:
> > The C standard says you cannot pass null pointers to functions in
> > <string.h> even with a length of zero. I think it's reasonable to
> > assume that the rules for all functions in <string.h> in the C
> > standard also apply to POSIX extensions in <string.h>.
>
> Perhaps. Currently
>
> https://pubs.opengroup.org/onlinepubs/9799919799/basedefs/string.h.html
>
> says nothing about that.
I think what the C standard says for <string.h> is just a reminder
that the general rule about invalid arguments still applies even in
the case when a length of zero is specified. The actual requirements
relating to invalid arguments are in 7.1.4 in C23 and XSH 2.1.1 in
POSIX.1-2024.
The POSIX text is:
If an argument to a function has an invalid value, such as a value
outside the domain of the function, a pointer to an object whose
lifetime has ended (even if a new object now has the same address),
a pointer outside the address space of the program, or a null
pointer, the behavior is undefined.
This forbids passing a null pointer to strnlen() (regardless of what
the given length is) since there is no explicit statement that a null
pointer is allowed. Compare with strxfrm() where the description
says "If n is 0, s1 is permitted to be a null pointer."
--
Geoff Clare <g.cl...@opengroup.org>
The Open Group, Apex Plaza, Forbury Road, Reading, RG1 1AX, England
