Path: utzoo!attcan!uunet!samsung!brutus.cs.uiuc.edu!wuarchive!uwm.edu!uwvax!umn-d-ub!umn-cs!nis!pwcs!stag!syntel!dal
From: dal@syntel.mn.org (Dale Schumacher)
Newsgroups: comp.os.minix
Subject: Re: POSIX
Summary: There _IS_ a bug in closedir()
Message-ID: <092789A7523@syntel.mn.org>
Date: 28 Oct 89 01:13:08 GMT
Reply-To: dal@syntel.mn.org (Dale Schumacher)
Lines: 46
X-Member-Of: STdNET (ST Developer's Network)

truesdel@sun217..nas.nasa.gov (David A. Truesdell) writes:
|ast@cs.vu.nl (Andy Tanenbaum) writes:
|>Perhaps it wasn't a bug previously, but has to be regarded as a bug now
|>because POSIX explicitly requires a call to closedir() with a rotten
|>argument to return EBADF, not to crash, trap or do anything else.  (See
|>Sec. 5.1.2.4 of P1003.1).
|
|I beg to differ!  I consider this to be pointing out a bug in the implementation
|of free().  Calling free(), with a garbage pointer, shouldn't result in a
|trap either.  It shouldn't be laid at the feet of a portable library package
|to work around possible bugs in the underlying environment.
|
|A call to free() should (IMHO) result in either the storage being added
|to the free pool, if a valid looking header is found, or no action at all
|if garbage is presented.

Sorry, but this is not free()'s job.  Section 4.10.3.2, describing the
'free' function, states:

    The 'free' function causes the space pointed to by 'ptr' to be
    deallocated, that is, made available for further allocation.  If
    'ptr' is a null pointer, no action occurs.  Otherwise, if the
    argument does not match a pointer earlier returned by the 'calloc',
    'malloc', or 'realloc' function, or if the space has been
    deallocated by a call to 'free' or 'realloc', the behaviour is
    undefined.

"Undefined" behaviour means it can do ANYTHING if that situation occurs.
Now that we have standards (or nearly so, in the case of C), personal
opinions are moot.
Also, P1003.1 says about closedir():

    For each of the following conditions, when the condition is
    detected, the closedir() function shall return -1 and set 'errno'
    to the corresponding value:

    [EBADF]   The 'dirp' argument does not refer to an open directory
              stream.

Thus the bug is really a bug, and Doug probably already is aware of it,
though perhaps Andy should send him a note to be sure.

\\   /  Dale Schumacher                         399 Beacon Ave.
 \\ /   (alias: Dalnefre')                      St. Paul, MN  55104-3527
  ><    ...umn-cs!midgard.mn.org!syntel!dal     United States of America
 / \\   "What is wanted is not the will to believe, but the will to find out,
/   \\  which is the exact opposite." -Bertrand Russell
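
One way a library can detect the [EBADF] condition without relying on free() to tolerate garbage, shown as an added example that is not part of the original post and not the code of the directory library under discussion. The names MYDIR, my_opendir, my_closedir and open_streams are hypothetical, and the stream type is reduced to a file descriptor.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>

#define MAX_STREAMS 16
typedef struct { int fd; } MYDIR;   /* hypothetical; a real DIR has more */

/* Every stream handed out by my_opendir() and not yet closed. */
static MYDIR *open_streams[MAX_STREAMS];

MYDIR *my_opendir(const char *path)
{
    int i = 0;
    while (i < MAX_STREAMS && open_streams[i] != NULL)
        i++;
    MYDIR *d = (i < MAX_STREAMS) ? malloc(sizeof *d) : NULL;
    if (d == NULL)
        return NULL;                /* table full or out of memory */
    d->fd = open(path, O_RDONLY);
    if (d->fd < 0) {
        free(d);
        return NULL;
    }
    return open_streams[i] = d;
}

int my_closedir(MYDIR *dirp)
{
    /* Only the pointer value is compared; dirp is not dereferenced or
       passed to free() until it is known to be a live stream. */
    for (int i = 0; dirp != NULL && i < MAX_STREAMS; i++) {
        if (open_streams[i] != dirp)
            continue;
        open_streams[i] = NULL;     /* a repeated close now fails */
        int rc = close(dirp->fd);
        free(dirp);                 /* came from malloc(): defined */
        return rc;
    }
    errno = EBADF;
    return -1;
}

int main(void)
{
    MYDIR bogus = { -1 };           /* constructed: never opened */
    return my_closedir(&bogus) == -1 && errno == EBADF ? 0 : 1;
}
```

A stale pointer whose address has since been reused by a later my_opendir() would still be accepted, so the table catches never-opened and already-closed arguments but not every misuse.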