Re: [dev] [st] [PATCH 4/3] tresize: remove unnecessary if

From: Connor Lane Smith <cls_AT_lubutu.com>
Date: Tue, 14 Apr 2015 16:33:56 +0100

On 14 April 2015 at 13:50, Dimitris Papastamos <sin_AT_2f30.org> wrote:
> dst and src are required to be valid objects even if n is 0, otherwise
> this is undefined behaviour.

I looked this up in C11. Seems to be the case:

> 7.24.2.1.2. The memcpy function copies n characters from the object
> pointed to by s2 into the object pointed to by s1.

> 6.2.6.1.2. Except for bit-fields, objects are composed of contiguous
> sequences of one or more bytes, ...

> 124) ... there are no pointers to or arrays of bit-field objects.

An object pointed to by s1 or s2 is guaranteed to be at least 1 byte
long, so memcpy is free to dereference the first byte of either,
whether or not n > 0.

I think it's a mistake that a libc actually go ahead and do this, but
the C standard suggests that it is permitted, so we should certainly
do the check.

cls
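The point under discussion, as an added example that is not st's own tresize code: a resize routine in the shape of tresize (grow or shrink an array of rows, keeping the overlapping prefix). On the very first resize the old pointer is NULL and the old row count is 0, so an unguarded memcpy would be memcpy(dst, NULL, 0). The Line type, COLS and resize_lines are assumptions made for this example, not st identifiers.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for a terminal row (an assumption for this example, not st's type). */
#define COLS 8
typedef struct { int cells[COLS]; } Line;

/* Resize an array of `oldrows` rows to `newrows` rows, keeping the first
 * min(oldrows, newrows) rows and zero-filling any new ones.  `old` may be
 * NULL when oldrows is 0 (first allocation).  That is exactly the case where
 * memcpy(lines, old, 0) would be called with a null pointer: no bytes are
 * copied, but C11 7.24.2.1 still requires both arguments to point at objects,
 * so the call is undefined behaviour without the `keep > 0` guard below. */
static Line *resize_lines(Line *old, size_t oldrows, size_t newrows)
{
    if (newrows == 0) {        /* shrinking to nothing: no array to copy into */
        free(old);
        return NULL;
    }

    Line *lines = calloc(newrows, sizeof *lines);
    if (lines == NULL)
        return NULL;           /* caller keeps ownership of `old` on failure */

    size_t keep = oldrows < newrows ? oldrows : newrows;

    /* The check the patch adds: only call memcpy when there is something to
     * copy, which also guarantees `old` is a real object (oldrows > 0). */
    if (keep > 0)
        memcpy(lines, old, keep * sizeof *lines);

    free(old);                 /* free(NULL) is defined; memcpy(.., NULL, 0) is not */
    return lines;
}

/* Walk the sequence tresize would see: first allocation from NULL, a grow,
 * then a shrink.  Returns 0 when every retained cell survived intact. */
static int exercise_resize(void)
{
    Line *l = resize_lines(NULL, 0, 4);       /* old == NULL, oldrows == 0 */
    if (l == NULL)
        return -1;
    l[0].cells[0] = 42;
    l[3].cells[COLS - 1] = 7;

    l = resize_lines(l, 4, 8);                /* grow: rows 0..3 kept */
    if (l == NULL || l[0].cells[0] != 42 || l[3].cells[COLS - 1] != 7 || l[7].cells[0] != 0)
        return -2;

    l = resize_lines(l, 8, 2);                /* shrink: rows 0..1 kept */
    if (l == NULL || l[0].cells[0] != 42)
        return -3;

    free(resize_lines(l, 2, 0));              /* shrink to zero frees everything */
    return 0;
}

int main(void)
{
    return exercise_resize() == 0 ? 0 : 1;
}
```

Building with -fsanitize=undefined reports the unguarded form ("null pointer passed as argument 2, which is declared to never be null"), because GCC and Clang declare memcpy's pointer parameters nonnull. The same attribute lets the optimiser assume the pointer was non-null afterwards, so a later `if (old == NULL)` check on the same pointer can be deleted; that is why the guard has to come before the call rather than after it.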
Received on Tue Apr 14 2015 - 17:33:56 CEST