Date: Thu, 29 Jun 2006 11:44:23 -0400 From: Pat Lashley <patl+freebsd@volant.org> To: Stefan Farfeleder <stefan@fafoe.narf.at>, Andre Albsmeier <Andre.Albsmeier@siemens.com> Cc: freebsd-hackers@freebsd.org Subject: Re: Return value of malloc(0) Message-ID: <805AA34B676EDF411B3CF548@Zelazny> In-Reply-To: <20060628212956.GI822@wombat.fafoe.narf.at> References: <20060628181045.GA54915@curry.mchp.siemens.de> <20060628212956.GI822@wombat.fafoe.narf.at>
next in thread | previous in thread | raw e-mail | index | archive | help
> The C Standard says the following about malloc(0):
>
> If the size of the space requested is zero, the behavior is
> implementation-defined: either a null pointer is returned, or the
> behavior is as if the size were some nonzero value, except that the
> returned pointer shall not be used to access an object.
>
> So our default behaviour to crash if a pointer returned by malloc(0) is
> dereferenced is legal and a good one because it catches errors like the
> above one.
No, our implementation is NOT legal. We always return the SAME value. To be
legal, we should not return that value again unless it has been free()-ed.
first = malloc(0) ;
second = malloc(0) ;
if ( first == second ) ERROR( "C standards violation" ) ;
Firefox, or the extension, has a bug in the code. It should not be attempting
to de-reference the result of a 'malloc(0)' call. They probably depend on
having it return NULL, which is checked elsewhere. (The fix is for them to test
for the size == zero case and just set the pointer to NULL instead of calling
malloc(0). But that's their problem, not ours.)
-Pat
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?805AA34B676EDF411B3CF548>