Darren Moffat wrote:
> ???James Carlson wrote:
[...]
> > So, with this one under our belts, should we also fix up the
> str*(3C)
> > family of functions so that they quietly ignore NULL pointers as
> well?
>
> The goal of this case was parity with the other mentioned libc
> implementations. I have looked at what the others do for strlen(NULL)
> and they will SEGV on that. I haven't looked at every str*(3C)
> function.
That's fine, but FYI, the Microsoft C runtime does this
substitution of "" for NULL in the str* functions.
(Or they used to. I haven't tried recently.)
> > An application that's incautious with NULL can't possibly just make
> > that mistake with printf alone, can it?
>
> Probably not but this is a "safety net" that is available on other
> platforms. Similar saftey nets for the str*(3C) functions don't at
> initial glance appear to exist.
>
> If the applicaiton/lib is that free and loose with NULL then we still
> have the ability to LD_PRELOAD=0 at 0.so.1 if the code can't be fixed.
And for the record, that is not a sufficient solution,
because then you won't trap on other errant NULL pointers.
But again, OK, not this case.
> This case is about fixing the very commonly encountered case and the
> case were Solaris is disastrously different to the common platforms.
>
> > Is NULL the only bad pointer worth caring about? What sorts of bad
> > pointer checks need to be made so that malfunctioning applications
> can
> > continue running without dropping core? How deep does the rabbit
> hole
> > go?
>
> The Rabbit hole is very deep but this case is just about getting
> dinner
> for tonight, someone else can explore the rest of the warren.
Understood. Later discussion is concerned with what to replace
the null pointer with. Here's a suggestion for that:
In libc:printf
#pragma weak _printf_null_str_replacment()
const char *
_printf_null_str_replacement() { return (""); }
and in printf
if (str_ptr == NULL)
str_ptr = _printf_null_str_replacement();
and then let whatever links with libc provide something
different if it wants to. I.e. to get SIGSEGV:
provide a function that returns NULL instead.
