From owner-freebsd-current@FreeBSD.ORG  Thu Feb 19 00:13:04 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3E40616A4CE
	for <current@freebsd.org>; Thu, 19 Feb 2004 00:13:04 -0800 (PST)
Received: from kientzle.com (h-66-166-149-50.SNVACAID.covad.net
	[66.166.149.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E79CB43D1D
	for <current@freebsd.org>; Thu, 19 Feb 2004 00:13:03 -0800 (PST)
	(envelope-from tim@kientzle.com)
Received: from kientzle.com ([66.166.149.54])
	by kientzle.com (8.12.9/8.12.9) with ESMTP id i1J8D2kX062321;
	Thu, 19 Feb 2004 00:13:02 -0800 (PST)
	(envelope-from tim@kientzle.com)
Message-ID: <4034700C.9090107@kientzle.com>
Date: Thu, 19 Feb 2004 00:13:00 -0800
From: Tim Kientzle <tim@kientzle.com>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4) Gecko/20031006
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Bruce Evans <bde@zeta.org.au>
References: <9567.1077094252@critter.freebsd.dk>
	<20040219121708.U23382@gamplex.bde.org>
In-Reply-To: <20040219121708.U23382@gamplex.bde.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: Poul-Henning Kamp <phk@phk.freebsd.dk>
cc: current@freebsd.org
Subject: Re: standard error handling for malloc() broken for user root and
 group wheel
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: kientzle@acm.org
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Feb 2004 08:13:04 -0000

On Wed, 18 Feb 2004, Poul-Henning Kamp wrote:
>
>The situations which can result in the 'a' vs 'A' flag making a
>difference in malloc(3) behavior are all violations of the malloc(3)
>API as defined by ISO C and as such the standard defines the behaviour
>as "undefined".

ANSI/ISO 9899-1990, Section 7.10.3.3 clearly states:

    "The malloc function returns either a null pointer
     or a pointer to the allocated space."

There are no "undefined" possibilities here.  Aborting the program
on a failure to allocate memory is pretty clearly a violation
of the standard, which requires the malloc function to
always return.

Tim Kientzle