On 2024-09-10 12:31:24 +0100, Geoff Clare via austin-group-l at The Open Group wrote: > I think what the C standard says for <string.h> is just a reminder > that the general rule about invalid arguments still applies even in > the case when a length of zero is specified. The actual requirements > relating to invalid arguments are in 7.1.4 in C23 and XSH 2.1.1 in > POSIX.1-2024. > > The POSIX text is: > > If an argument to a function has an invalid value, such as a value > outside the domain of the function, a pointer to an object whose > lifetime has ended (even if a new object now has the same address), > a pointer outside the address space of the program, or a null > pointer, the behavior is undefined. > > This forbids passing a null pointer to strnlen() (regardless of what > the given length is) since there is no explicit statement that a null > pointer is allowed. Compare with strxfrm() where the description > says "If n is 0, s1 is permitted to be a null pointer."
OK. Then what about free(NULL)? Note that https://pubs.opengroup.org/onlinepubs/9799919799/functions/free.html documents the behavior on the null pointer, but has no text to *allow* it, exactly like the strnlen(0,0) case (where the description is sufficient to determine the behavior if this case is allowed). -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)