Out-of-bounds pointers

Scott Amspoker scott at bbxsda.UUCP
Tue Oct 10 02:10:32 AEST 1989


In article <1989Oct7.131404.656 at jarvis.csri.toronto.edu> flaps at dgp.toronto.edu (Alan J Rosenthal) writes:
>scott at bbxsda.UUCP (Scott Amspoker) writes:
>>What was once bad coding style now was considered a bug.  Take the following
>>code fragment as an example:
>>
>>my_proc()
>>   {
>>   register char *p;
>>
>>   p = (char*)malloc(1000);
>>   free(p);  /* free never returns but core dumps instead - why? */
>>   }

>No, no, no.  It was never said that this code fragment wasn't conforming.  It

It was never said that *this* particular example wasn't conforming.  However,
as I pointed out in my posting, the various "rules" that were stated in the
prior thread would lead to the conclusion that this example was non-conforming.
I presented each rule leading to that conclusion.  Please explain which
of the rules you disagree with.

>is, other than the missing declaration of malloc() which I assume you assumed
>was present previously in the file.  free() has to work correctly.  The user
                                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Precisely - so is there something wrong with the ANSI draft or what?

>cannot dereference invalid pointers, but the compiler can if it knows that it
>is safe to do so, and must not dereference invalid pointers if it doesn't know
>whether or not it is safe.

No pointer dereferencing took place at all in the example.  (Now you know
why the prior thread went on so long :-).

>And this fragment was never considered bad coding style, again apart from the
>fact that you are mallocing memory and not doing anything with it.  You seem to

This was a trivial example trying to make a point.  I don't see any reason
to clutter it with "busy code" to make it look real.  It is not too hard
to imagine that something "conforming" was done between malloc() and free().

>be claiming that use of free() is now non-portable and was always considered
>bad coding style.

I am saying that it is possible to come to the conclusion that free() is
not portable depending on how you interpret the ANSI draft.   I was
pointing out something I thought was absurd.  I expect the above program
(assuming the proper declaration of malloc() and that there is available 
memory) to *always* work no matter what.


-- 
Scott Amspoker
Basis International, Albuquerque, NM
(505) 345-5232


