Out-of-bounds pointers
Scott Amspoker
scott at bbxsda.UUCP
Tue Oct 10 02:10:32 AEST 1989
In article <1989Oct7.131404.656 at jarvis.csri.toronto.edu> flaps at dgp.toronto.edu (Alan J Rosenthal) writes:
>scott at bbxsda.UUCP (Scott Amspoker) writes:
>>What was once bad coding style now was considered a bug. Take the following
>>code fragment as an example:
>>
>>my_proc()
>> {
>> register char *p;
>>
>> p = (char*)malloc(1000);
>> free(p); /* free never returns but core dumps instead - why? */
>> }
>No, no, no. It was never said that this code fragment wasn't conforming. It
It was never said that *this* particular example wasn't conforming. However,
as I pointed out in my posting, the various "rules" that were stated in the
prior thread would lead to the conclusion that this example was non-conforming.
I presented each rule leading to that conclusion. Please explain which
of the rules you disagree with.
>is, other than the missing declaration of malloc() which I assume you assumed
>was present previously in the file. free() has to work correctly. The user
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Precisely - so is there something wrong with the ANSI draft or what?
>cannot dereference invalid pointers, but the compiler can if it knows that it
>is safe to do so, and must not dereference invalid pointers if it doesn't know
>whether or not it is safe.
No pointer dereferencing took place at all in the example. (Now you know
why the prior thread went on so long :-).
>And this fragment was never considered bad coding style, again apart from the
>fact that you are mallocing memory and not doing anything with it. You seem to
This was a trivial example trying to make a point. I don't see any reason
to clutter it with "busy code" to make it look real. It is not too hard
to imagine that something "comforming" was done between malloc() and free().
>be claiming that use of free() is now non-portable and was always considered
>bad coding style.
I am saying that it is possible to come to the conclusion that free() is
not portable depending on how you interpret the ANSI draft. I was
pointing out something I thought was absurd. I expect the above program
(assuming the proper declaration of malloc() and that there is available
memory) to *always* work no matter what.
--
Scott Amspoker
Basis International, Albuquerque, NM
(505) 345-5232
More information about the Comp.std.c
mailing list