httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject Re: [PATCH] ap_cpystrn() function, replace strncpy() Take II
Date Sat, 27 Dec 1997 03:32:47 GMT
On Fri, 26 Dec 1997, Jim Jagielski wrote:

> Dean Gaudet wrote:
> > 
> > The reason I initialized "end = dst + dst_size - 1" after the dst_size ==
> > 0 test is that if dst_size == 0 then you've set end = &dst[-1], which
> > isn't always valid ansi C...
> 
> I'm almost sure that isn't true. After all, we are simply setting
> a pointer value; there is no sense at all of dst's "allocation";

Setting a pointer value _can_ result in undefined behaviour for various
reasons (eg. outside the range) unless done in certain places.

As an example, from the talk about pointer addition from section 6.3.6 of
the C9x working draft dated 1197-11-21:  (I don't think I am allowed to
post the below, so pretend I'm not...)

       [#8] When an expression that has integer type is added to or
       subtracted  from  a  pointer, the result has the type of the
       pointer operand.   If  the  pointer  operand  points  to  an
       element  of  an array object, and the array is large enough,
       the result points to an element  offset  from  the  original
       element  such  that  the difference of the subscripts of the
       resulting and original array  elements  equals  the  integer
       expression.   In  other words, if the expression P points to
       the i-th element of an array object, the  expressions  (P)+N
       (equivalently,  N+(P))  and  (P)-N (where N has the value n)
       point to, respectively, the i+n-th and i- n-th  elements  of
       the  array  object,  provided  they exist.  Moreover, if the
       expression P points to the last element of an array  object,
       the expression (P)+1 points one past the last element of the
       array object, and if the expression Q points  one  past  the
       last element of an array object, the expression (Q)-1 points
       to the last element  of  the  array  object.   If  both  the
       pointer operand and the result point to elements of the same
       array object, or one past the  last  element  of  the  array
       object,  the  evaluation  shall  not  produce  an  overflow;
       otherwise, the  behavior  is  undefined.   Unless  both  the
       pointer operand and the result point to elements of the same
       array object, or the pointer operand  points  one  past  the
       last  element of an array object and the result points to an
       element of the same array object, the behavior is  undefined
       if  the  result  is used as an operand of a unary * operator
       that is actually evaluated.

Since subscripting is defined in terms of addition, the same thing
applies.  I think this says that:

        char foo[100];
        char *bar = &foo[-1];

is not always valid, but:

	char *bar = &foo[100]

would be.  (foo[100] is one past the end of the array)

In practice, I would be very suprised if anything had any problems with
such a thing (well, it may not give proper results if you try to read from
it) because much incorrect code would break.


Mime
View raw message