Date: Thu, 19 Feb 2004 18:43:24 +0100
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
To: kientzle@acm.org
Cc: current@freebsd.org
Subject: Re: standard error handling for malloc() broken for user root and group wheel
Message-ID: <1978.1077212604@critter.freebsd.dk>
In-Reply-To: Your message of "Thu, 19 Feb 2004 08:45:00 PST." <4034E80C.5060505@kientzle.com>

In message <4034E80C.5060505@kientzle.com>, Tim Kientzle writes:
>Poul-Henning Kamp wrote:
>> In message <4034700C.9090107@kientzle.com>, Tim Kientzle writes:
>>
>>>Aborting the program
>>>on a failure to allocate memory is pretty clearly a violation
>>>of the standard, which requires the malloc function to
>>>always return.
>>
>> There is neither requirements nor guarantees how any function in
>> the ansi/iso regime reacts if you grossly violate the API or stomp
>> on random memory.
>
>If malloc's internal data structures are corrupted, I
>completely agree that a prompt abort is appropriate.
>
>My concern is that the current 'A' flag aborts on a failure
>to allocate, which is not a "gross violation" of the API.

Right, it's my mistake that this was still there, it should have
been removed a couple of years ago.

It is removed in the patch I posted earlier.

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1978.1077212604>