Re: unistring bug
From: Andy Wingo
Subject: Re: unistring bug
Date: Sun, 01 Apr 2012 14:07:48 -0700
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)

On Sun 01 Apr 2012 13:01, Bruno Haible <address@hidden> writes:
> This is normal documented behaviour. The function's description at [1]
>
> uint8_t * u32_to_u8 (const uint32_t *s, size_t n, uint8_t *resultbuf,
> size_t *lengthp)
>
> is preceded by the general conventions explanation [2]:
>
> Functions returning a string result take a (resultbuf, lengthp)
> argument pair. If resultbuf is not NULL and the result fits into
> *lengthp units, it is put in resultbuf, and resultbuf is returned.
> Otherwise, a freshly allocated string is returned. In both cases,
> *lengthp is set to the length (number of units) of the returned string.
> In case of error, NULL is returned and errno is set.
>
> In your program, the "Otherwise" applies, so:
> - A freshly allocated string is returned.
> - *lengthp is set to the length (number of units) of the returned string.
>
> Since you pass lengthp == a null pointer, you provoke a null pointer
> dereference.
Thanks for the explanation. I've fixed Guile's usage of this function
(introduced recently).
Regards,
Andy
--
http://wingolog.org/
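
The (resultbuf, lengthp) convention quoted in the message above, as an added example that is not code from this thread, from Guile or from libunistring. `demo_u32_to_u8` is a hypothetical stand-in written to follow the quoted rules, and `demo_utf8_length` is a hypothetical caller showing that `lengthp` must point to a real `size_t` even when `resultbuf` is NULL.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Stand-in for this example, not libunistring's code. lengthp is in/out and
   must not be NULL: capacity of resultbuf on entry, result length on return. */
uint8_t *demo_u32_to_u8(const uint32_t *s, size_t n,
                        uint8_t *resultbuf, size_t *lengthp)
{
    size_t need = 0, i, o = 0;
    uint8_t *out;
    for (i = 0; i < n; i++) {
        uint32_t c = s[i];
        if (c > 0x10FFFF || (c >= 0xD800 && c <= 0xDFFF)) {
            errno = EILSEQ;          /* error case: NULL, errno set */
            return NULL;
        }
        need += c < 0x80 ? 1 : c < 0x800 ? 2 : c < 0x10000 ? 3 : 4;
    }
    /* Use the caller's buffer only if there is one and the result fits. */
    if (resultbuf != NULL && need <= *lengthp)
        out = resultbuf;
    else if ((out = malloc(need ? need : 1)) == NULL) {
        errno = ENOMEM;
        return NULL;
    }
    for (i = 0; i < n; i++) {
        uint32_t c = s[i];
        if (c >= 0x10000) out[o++] = (uint8_t)(0xF0 | (c >> 18));
        else if (c >= 0x800) out[o++] = (uint8_t)(0xE0 | (c >> 12));
        else if (c >= 0x80) out[o++] = (uint8_t)(0xC0 | (c >> 6));
        else out[o++] = (uint8_t)c;
        if (c >= 0x10000) out[o++] = (uint8_t)(0x80 | ((c >> 12) & 0x3F));
        if (c >= 0x800) out[o++] = (uint8_t)(0x80 | ((c >> 6) & 0x3F));
        if (c >= 0x80) out[o++] = (uint8_t)(0x80 | (c & 0x3F));
    }
    *lengthp = o;                    /* written in both success cases */
    return out;
}

/* Caller side: always pass a real size_t. With resultbuf == NULL the result
   is always freshly allocated, so it is freed here after use. */
size_t demo_utf8_length(const uint32_t *s, size_t n)
{
    size_t len = 0;
    uint8_t *r = demo_u32_to_u8(s, n, NULL, &len);
    if (r == NULL) return (size_t)-1;
    free(r);
    return len;
}
```

When a non-NULL `resultbuf` is passed, compare the returned pointer against it and call `free` only if they differ.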