Subject: Re: sanity checking arguments to library functions...
To: None <tech-userlevel@netbsd.org>
From: Alan Barrett <apb@iafrica.com>
List: tech-userlevel
Date: 04/13/1999 17:02:30
On Tue, 13 Apr 1999, Luke Mewburn wrote:
> add stuff to all libc functions to sanity check arguments [...]
>
> i think this is a good idea, and unless it breaks standards, we should
> do it.
It doesn't break the C standard. ANSI/ISO 9899:1990 section 7.1.7 says:
.... If an argument to a function has an invalid value (such as
a value outside the domain of the function, or a pointer outside the
address space of the program, or a null pointer), the behavior is
undefined. ...
And, as all C language lawyers know, undefined behaviour means that
*anything* can happen, including stuff that you wouldn't normally expect
a program to be capable of doing. Syslogging and core dumping would
certainly be fine.
--apb (Alan Barrett)
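As an added illustration of the kind of check the thread is discussing (example code, not anything from NetBSD's libc or from either poster): a libc-style strlen that validates its argument, with the default policy being the syslog-and-core-dump the message says the standard permits. The handler names and the CHECK_ARG macro are this example's own, and the counting handler exists only so the check can be exercised without dying.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>

/* Called when a libc-style function detects an invalid argument. */
typedef void (*arg_violation_fn)(const char *func, const char *what);

/* Default policy: log the caller's mistake, then dump core. Both are
 * permitted because the C standard leaves the behaviour undefined. */
static void syslog_and_abort(const char *func, const char *what)
{
    syslog(LOG_ERR, "%s: invalid argument: %s", func, what);
    abort();
}

static arg_violation_fn violation_handler = syslog_and_abort;
static int violation_count = 0;

/* Alternative policy for tests: count violations instead of dying. */
void record_arg_violation(const char *func, const char *what)
{
    (void)func; (void)what;
    violation_count++;
}

int arg_violation_count(void) { return violation_count; }

void set_arg_violation_handler(arg_violation_fn fn)
{
    violation_handler = (fn != NULL) ? fn : syslog_and_abort;
}

/* Evaluates cond; on failure passes the caller's name and a description
 * of the problem to the current handler. */
#define CHECK_ARG(cond, what) \
    do { if (!(cond)) violation_handler(__func__, what); } while (0)

/* strlen(3) that rejects the one invalid argument it can detect. If the
 * handler returns (the default never does), answer 0 rather than
 * dereferencing the null pointer. */
size_t checked_strlen(const char *s)
{
    CHECK_ARG(s != NULL, "s is a null pointer");
    return (s != NULL) ? strlen(s) : 0;
}
```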