Vincent Lefevre wrote, on 10 Sep 2024: > > On 2024-09-10 11:45:54 +0100, Jonathan Wakely wrote: > > The C standard says you cannot pass null pointers to functions in > > <string.h> even with a length of zero. I think it's reasonable to > > assume that the rules for all functions in <string.h> in the C > > standard also apply to POSIX extensions in <string.h>. > > Perhaps. Currently > > https://pubs.opengroup.org/onlinepubs/9799919799/basedefs/string.h.html > > says nothing about that.
I think what the C standard says for <string.h> is just a reminder that the general rule about invalid arguments still applies even in the case when a length of zero is specified. The actual requirements relating to invalid arguments are in 7.1.4 in C23 and XSH 2.1.1 in POSIX.1-2024. The POSIX text is: If an argument to a function has an invalid value, such as a value outside the domain of the function, a pointer to an object whose lifetime has ended (even if a new object now has the same address), a pointer outside the address space of the program, or a null pointer, the behavior is undefined. This forbids passing a null pointer to strnlen() (regardless of what the given length is) since there is no explicit statement that a null pointer is allowed. Compare with strxfrm() where the description says "If n is 0, s1 is permitted to be a null pointer." -- Geoff Clare <g.cl...@opengroup.org> The Open Group, Apex Plaza, Forbury Road, Reading, RG1 1AX, England