Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!uakari.primate.wisc.edu!aplcen!haven!adm!smoke!gwyn
From: gwyn@smoke.BRL.MIL (Doug Gwyn)
Newsgroups: comp.std.c
Subject: Re: Out-of-bounds pointers
Message-ID: <11234@smoke.BRL.MIL>
Date: 7 Oct 89 00:19:39 GMT
References: <1009@mtxinu.UUCP> <12570028@hpclwjm.HP.COM> <868@crdos1.crd.ge.COM> <217@bbxsda.UUCP>
Reply-To: gwyn@brl.arpa (Doug Gwyn)
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 25

In article <217@bbxsda.UUCP> scott@bbxsda.UUCP (Scott Amspoker) writes:
-my_proc()
-   {
-   register char *p;
-   p = (char*)malloc(1000);
-   free(p);  /* free never returns but core dumps instead - why? */
-   }
-This seemingly innocent code could possibly error out according to the
-"rules of conformance" presented by some readers.

NO NO NO.  You have mispresented the argument.  So long as malloc()
(assumed to be properly declared!) doesn't return a null pointer,
the above will work in ALL conforming implementations.  The trouble
arises only when after the free() the pointer p (NOT what it points
to, that's inarguably invalid) continues to be examined or otherwise
manipulated by the program.

-Don't worry - all is not lost.  No one was able to come up with a real
-world example of something like this.  In other words - standards and
-ANSI drafts aside - you probably will not get into trouble unless you
-actually try to *de-reference* a bad pointer.

Nobody came up with YOUR example, but there were several examples posted
of genuine computer architectures where continued access of an invalid
pointer value would cause problems.
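
Added example, not part of the original post or written by either poster: a growable buffer that never examines or does arithmetic on a pointer value after its block has been released, which is the case the reply singles out. The struct gbuf type and the gbuf_* functions are hypothetical names chosen for this illustration.

```c
#include <stdlib.h>
#include <stddef.h>

/* Hypothetical growable buffer with an interior cursor pointer. */
struct gbuf {
    char  *base;    /* start of the allocation */
    char  *cursor;  /* points into [base, base + cap] */
    size_t cap;
};

int gbuf_init(struct gbuf *b, size_t cap)
{
    b->base = malloc(cap);
    if (b->base == NULL)
        return -1;
    b->cursor = b->base;
    b->cap = cap;
    return 0;
}

/* Cursor position as an offset; a released buffer reports 0. */
size_t gbuf_offset(const struct gbuf *b)
{
    return b->base ? (size_t)(b->cursor - b->base) : 0;
}

/* Grow the buffer. The cursor is turned into an offset BEFORE realloc():
 * if the block moves, the old base and cursor values are invalid, so
 * "new + (cursor - old)" computed afterwards would manipulate them. */
int gbuf_grow(struct gbuf *b, size_t new_cap)
{
    size_t off = gbuf_offset(b);        /* both pointers still valid here */
    char *n = realloc(b->base, new_cap);
    if (n == NULL)
        return -1;                      /* old block is untouched on failure */
    b->base = n;
    b->cursor = n + off;                /* rebuilt from the new base only */
    b->cap = new_cap;
    return 0;
}

/* Release the block and overwrite every stored copy of the pointer.
 * Assigning NULL stores a new value; it does not read the stale one. */
void gbuf_free(struct gbuf *b)
{
    free(b->base);
    b->base = NULL;
    b->cursor = NULL;
    b->cap = 0;
}
```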