Darren Moffat wrote: > ???James Carlson wrote: [...] > > So, with this one under our belts, should we also fix up the > str*(3C) > > family of functions so that they quietly ignore NULL pointers as > well? > > The goal of this case was parity with the other mentioned libc > implementations. I have looked at what the others do for strlen(NULL) > and they will SEGV on that. I haven't looked at every str*(3C) > function.
That's fine, but FYI, the Microsoft C runtime does this substitution of "" for NULL in the str* functions. (Or they used to. I haven't tried recently.) > > An application that's incautious with NULL can't possibly just make > > that mistake with printf alone, can it? > > Probably not but this is a "safety net" that is available on other > platforms. Similar saftey nets for the str*(3C) functions don't at > initial glance appear to exist. > > If the applicaiton/lib is that free and loose with NULL then we still > have the ability to LD_PRELOAD=0 at 0.so.1 if the code can't be fixed. And for the record, that is not a sufficient solution, because then you won't trap on other errant NULL pointers. But again, OK, not this case. > This case is about fixing the very commonly encountered case and the > case were Solaris is disastrously different to the common platforms. > > > Is NULL the only bad pointer worth caring about? What sorts of bad > > pointer checks need to be made so that malfunctioning applications > can > > continue running without dropping core? How deep does the rabbit > hole > > go? > > The Rabbit hole is very deep but this case is just about getting > dinner > for tonight, someone else can explore the rest of the warren. Understood. Later discussion is concerned with what to replace the null pointer with. Here's a suggestion for that: In libc:printf #pragma weak _printf_null_str_replacment() const char * _printf_null_str_replacement() { return (""); } and in printf if (str_ptr == NULL) str_ptr = _printf_null_str_replacement(); and then let whatever links with libc provide something different if it wants to. I.e. to get SIGSEGV: provide a function that returns NULL instead.