Date: Thu, 29 Jun 2006 11:44:23 -0400
From: Pat Lashley <patl+freebsd@volant.org>
To: Stefan Farfeleder <stefan@fafoe.narf.at>, Andre Albsmeier <Andre.Albsmeier@siemens.com>
Cc: freebsd-hackers@freebsd.org
Subject: Re: Return value of malloc(0)
Message-ID: <805AA34B676EDF411B3CF548@Zelazny>
In-Reply-To: <20060628212956.GI822@wombat.fafoe.narf.at>
References: <20060628181045.GA54915@curry.mchp.siemens.de> <20060628212956.GI822@wombat.fafoe.narf.at>
> The C Standard says the following about malloc(0):
>
> If the size of the space requested is zero, the behavior is
> implementation-defined: either a null pointer is returned, or the
> behavior is as if the size were some nonzero value, except that the
> returned pointer shall not be used to access an object.
>
> So our default behaviour to crash if a pointer returned by malloc(0) is
> dereferenced is legal and a good one because it catches errors like the
> above one.

No, our implementation is NOT legal. We always return the SAME value. To
be legal, we should not return that value again unless it has been
free()-ed.

    first = malloc(0) ;
    second = malloc(0) ;
    if ( first == second ) ERROR( "C standards violation" ) ;

Firefox, or the extension, has a bug in the code. It should not be
attempting to de-reference the result of a 'malloc(0)' call. They
probably depend on having it return NULL, which is checked elsewhere.

(The fix is for them to test for the size == zero case and just set the
pointer to NULL instead of calling malloc(0). But that's their problem,
not ours.)

-Pat
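The following is an added example, not code from the thread or from FreeBSD's libc. It does two things the message talks about: it runs the two-calls-to-malloc(0) probe against whatever libc you compile it with and classifies the result (NULL, two distinct live pointers, or the same pointer twice), and it shows the fix Pat suggests for callers: a wrapper that never calls malloc(0) and instead hands back NULL for a zero-byte request, so the caller's existing NULL check covers the empty case and nothing is ever dereferenced. The names xmalloc_nozero, dup_bytes, probe_malloc0 and selftest are assumptions made here for illustration; the three-byte input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Observed behaviour of malloc(0) on the libc this program is linked
 * against.  The C standard leaves it implementation-defined: either a
 * null pointer, or a pointer that behaves like a real allocation but must
 * never be dereferenced.  (Hypothetical enum for this example.) */
enum malloc0_behaviour {
    MALLOC0_RETURNS_NULL,     /* malloc(0) gave NULL                       */
    MALLOC0_UNIQUE_POINTERS,  /* two live malloc(0) results differ         */
    MALLOC0_SAME_POINTER      /* two live malloc(0) results are identical  */
};

/* The probe from the message: allocate twice with size 0 while both
 * results are still live, then compare.  Neither pointer is dereferenced. */
enum malloc0_behaviour probe_malloc0(void)
{
    void *first = malloc(0);
    if (first == NULL)
        return MALLOC0_RETURNS_NULL;

    void *second = malloc(0);
    enum malloc0_behaviour b =
        (second == first) ? MALLOC0_SAME_POINTER : MALLOC0_UNIQUE_POINTERS;

    free(second);             /* free(NULL) is a no-op, so this is safe  */
    free(first);
    return b;
}

/* Allocation wrapper implementing the fix Pat suggests for the caller:
 * never call malloc(0).  A zero-byte request is answered with NULL, so
 * the caller's NULL path handles it instead of receiving a non-NULL
 * zero-size pointer that crashes (or silently corrupts) on dereference. */
void *xmalloc_nozero(size_t n)
{
    if (n == 0)
        return NULL;
    return malloc(n);
}

/* Example caller: duplicate n bytes.  With the wrapper, n == 0 yields NULL
 * and memcpy is never reached; *ok distinguishes "empty input" from a real
 * allocation failure, which a bare NULL check could not. */
unsigned char *dup_bytes(const unsigned char *src, size_t n, int *ok)
{
    unsigned char *dst = xmalloc_nozero(n);
    if (dst == NULL) {
        *ok = (n == 0);
        return NULL;
    }
    memcpy(dst, src, n);
    *ok = 1;
    return dst;
}

/* Exercises the wrapper and caller; returns 1 on success, 0 on failure. */
int selftest(void)
{
    int ok = 0;
    const unsigned char sample[3] = { 'a', 'b', 'c' };   /* constructed input */

    if (xmalloc_nozero(0) != NULL)
        return 0;

    unsigned char *empty = dup_bytes(sample, 0, &ok);
    if (empty != NULL || ok != 1)
        return 0;

    unsigned char *copy = dup_bytes(sample, sizeof sample, &ok);
    if (copy == NULL || ok != 1 || memcmp(copy, sample, sizeof sample) != 0) {
        free(copy);
        return 0;
    }
    free(copy);
    return 1;
}

int main(void)
{
    static const char *names[] = { "NULL", "unique pointers", "same pointer" };
    printf("malloc(0) on this libc: %s\n", names[probe_malloc0()]);
    printf("wrapper selftest: %s\n", selftest() ? "ok" : "FAILED");
    return 0;
}
```

Whatever the probe reports, the only portable contract is the one in the quoted standard text: a malloc(0) result may be NULL or non-NULL, and in neither case may it be read or written. Code that wants a non-NULL sentinel for empty buffers should request at least one byte explicitly rather than rely on the allocator's choice; code that is happy with NULL for empty should short-circuit before calling malloc, as above.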
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?805AA34B676EDF411B3CF548>