From owner-freebsd-hackers@FreeBSD.ORG  Fri Jun 30 16:18:49 2006
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EC99516A407
	for <freebsd-hackers@freebsd.org>; Fri, 30 Jun 2006 16:18:49 +0000 (UTC)
	(envelope-from ticso@cicely12.cicely.de)
Received: from raven.bwct.de (raven.bwct.de [85.159.14.73])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1AE5A44525
	for <freebsd-hackers@freebsd.org>; Fri, 30 Jun 2006 16:18:48 +0000 (GMT)
	(envelope-from ticso@cicely12.cicely.de)
Received: from cicely5.cicely.de ([10.1.1.7])
	by raven.bwct.de (8.13.4/8.13.4) with ESMTP id k5UGIkVO099877
	for <freebsd-hackers@freebsd.org>;
	Fri, 30 Jun 2006 18:18:46 +0200 (CEST)
	(envelope-from ticso@cicely12.cicely.de)
Received: from cicely12.cicely.de (cicely12.cicely.de [10.1.1.14])
	by cicely5.cicely.de (8.13.4/8.13.4) with ESMTP id k5UGIf2A003395
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <freebsd-hackers@freebsd.org>;
	Fri, 30 Jun 2006 18:18:42 +0200 (CEST)
	(envelope-from ticso@cicely12.cicely.de)
Received: from cicely12.cicely.de (localhost [127.0.0.1])
	by cicely12.cicely.de (8.13.4/8.13.3) with ESMTP id k5UGIfxe020883
	for <freebsd-hackers@freebsd.org>;
	Fri, 30 Jun 2006 18:18:41 +0200 (CEST)
	(envelope-from ticso@cicely12.cicely.de)
Received: (from ticso@localhost)
	by cicely12.cicely.de (8.13.4/8.13.3/Submit) id k5UGIfxv020882
	for freebsd-hackers@freebsd.org; Fri, 30 Jun 2006 18:18:41 +0200 (CEST)
	(envelope-from ticso)
Date: Fri, 30 Jun 2006 18:18:41 +0200
From: Bernd Walter <ticso@cicely12.cicely.de>
To: freebsd-hackers@freebsd.org
Message-ID: <20060630161840.GU16775@cicely12.cicely.de>
References: <20060628181045.GA54915@curry.mchp.siemens.de>
	<20060629054222.GA92895@leiferikson.flosken.lan>
	<m3bqsceyf2.fsf@merlin.emma.line.org>
	<20060629162319.GA94921@leiferikson.flosken.lan>
	<m33bdnhnv7.fsf@merlin.emma.line.org>
	<20060630045937.GB97868@leiferikson.flosken.lan>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20060630045937.GB97868@leiferikson.flosken.lan>
X-Operating-System: FreeBSD cicely12.cicely.de 5.4-STABLE alpha
User-Agent: Mutt/1.5.9i
X-Spam-Status: No, score=-4.4 required=5.0 autolearn=ham version=3.1.1
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on cicely12.cicely.de
Subject: Re: Return value of malloc(0)
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: ticso@cicely.de
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jun 2006 16:18:50 -0000

On Fri, Jun 30, 2006 at 06:59:37AM +0200, Johannes Weiner wrote:
> Hi,
> 
> On Thu, Jun 29, 2006 at 07:29:16PM +0200, Matthias Andree wrote:
> > No, sir. Operator precedence: assign first, and then compare, thus the
> > comparison will always be true (else you'd be comparing to undefined
> > values, which isn't any better).  You might as well write:
> > 
> >  foo = malloc(0);
> >  /* make noise */
> 
> Ok, just for having it done:
> 
> 	if (foo == (foo = some_val))
> 
> .. would be right to check if foo stayed the same. No?
> 
> > There is no way to see a 0x800 return from malloc(0) as "error".
> 
> So noone should actually use malloc(0) and check the size_t argument before
> passing it, I guess.

But noone should dereference something beyound malloc'ed size.
The following code is broken no matter if x is 0 or anything else,
you always end up accessing data beyond allocated range:
foo = malloc(x);
foo[x] = bar;
It might be Ok not to check x when calling malloc, but is always
required to check if you access something outside the malloc'ed range
unless you can trust your size - in which case you wouldn't had
malloc'ed zero bytes anyway.

-- 
B.Walter                http://www.bwct.de      http://www.fizon.de
bernd@bwct.de           info@bwct.de            support@fizon.de