Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 30 Oct 2022 18:11:07 +0100
From: Markus Wichmann <>
Subject: Re: Question on 2b2c8aafce9d80f9d58652643538f4d58e82b856

On Sun, Oct 30, 2022 at 06:29:54AM +0000, puwenxu wrote:
> Dear maintainer, I'm using musl now. When I was running some
> test case codes for musl, I found there may be a problem on
> modification of 2b2c8aafce9d80f9d58652643538f4d58e82b856.  As you can
> see in the picture, this modification assign buf to orig. Then, the
> orig will be assigned to buf again. If the original value of buf is
> NULL, the latter value of the buf will be NULL. However, assign out to
> buf will fail if buf is NULL.  [cid:image001.png@...8EC6C.12AE8540] I
> have written a simple file to verification my opinion. The test code
> and output is shown in the following picture. I think it may be better
> to add a check for buf in this situation.
> [cid:image002.png@...8EC6C.12AE8540]
> [cid:image003.png@...8EC6C.12AE8540] Looking forward to your reply.
> Wish Pu OS Kernel Lab


as the others already said, please avoid images if text would also do.

I do also note that it appears you Huawei people have a bee in your
bonnet about NULL pointer checks. musl does not plaster over bad
behavior. In the cases where a NULL pointer argument would be
dereferenced, it was undefined behavior to give a NULL pointer argument
in the first place. I do agree that programs need to be prevented from
dereferencing NULL pointers, but the place to do so is after creating
the pointers and before handing it to an API that does not accept NULL
pointers. And yes, it does suck that C is incapable of expressing the
idea of a non-nullable pointer natively, but C is the language we're
stuck with.

Your test program only shows that by default, dereferencing the NULL
pointer on Linux crashes. This is well-known, though not behavior you
can rely upon since it can be overridden if you know how. In any case,
having a pointer which ought to point at an object point to nothing is a
logic error that needs to be rectified in the calling code. Just check
your malloc() returns, it isn't that difficult!


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.