From owner-freebsd-hackers  Tue Oct 22 03:28:10 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id DAA20643
          for hackers-outgoing; Tue, 22 Oct 1996 03:28:10 -0700 (PDT)
Received: from zwei.siemens.at (zwei.siemens.at [193.81.246.12])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id DAA20628
          for <freebsd-hackers@freebsd.org>; Tue, 22 Oct 1996 03:28:00 -0700 (PDT)
Received: from sol1.gud.siemens.co.at (root@[10.1.143.100]) by zwei.siemens.at (8.7.5/8.7.3) with SMTP id MAA13337 for <freebsd-hackers@freebsd.org>; Tue, 22 Oct 1996 12:26:09 +0200 (MET DST)
Received: from ws2301.gud.siemens.co.at by sol1.gud.siemens.co.at with smtp
	(Smail3.1.28.1 #7 for <freebsd-hackers@freebsd.org>) 
	id m0vFe3J-00021FC; Tue, 22 Oct 96 12:27 MET DST
Received: by ws2301.gud.siemens.co.at (1.37.109.16/1.37)
	id AA287450007; Tue, 22 Oct 1996 12:26:47 +0200
From: "Hr.Ladavac" <lada@ws2301.gud.siemens.co.at>
Message-Id: <199610221026.AA287450007@ws2301.gud.siemens.co.at>
Subject: Re: libc string routines don't check for NULL pointers
To: danny@panda.hilink.com.au (Daniel O'Callaghan)
Date: Tue, 22 Oct 1996 12:26:47 +0200 (MESZ)
Cc: freebsd-hackers@freebsd.org
In-Reply-To: <Pine.BSF.3.91.961022180422.548J-100000@panda.hilink.com.au> from "Daniel O'Callaghan" at Oct 22, 96 06:12:44 pm
X-Mailer: ELM [version 2.4 PL24 ME8a]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

E-mail message from Daniel O'Callaghan contained:
> 
> The string comparison (and other) routines in libc don't check for null 
> pointers being passed.  This results in SEGVs if one or both of the 
> string pointers being passed is NULL.  I can see a religious debate here, 
> but I'm going to raise the issue:  Should str*cmp() handle NULL arguments.
> 
> I have made the very simple change necessary to strcmp() for it to return
> 
> 	0 - strings are the same, or pointers are both NULL
> 	< 0 - s1 < s2, or s1 == NULL
> 	> 0 - s1 > s2 or s2 == NULL
> 
> I'd like to see my changes made to libc, but what do others think - 
> should it be just "the programmer's stupid fault" if (s)he passes a NULL 
> pointer to these routines, or should the routines handle NULL?

See the archives.  Take a look at comp.lang.c FAQ as well.

The general opinion is that 'char *a = 0;' is not a valid string; rather,
it's a null-pointer, dereferencing of which is not allowed.

I.e. the str* functions behave properly--"driver's fault"

/Marino
> 
> Danny
>