From: utzoo!decvax!decwrl!sun!megatest!fortune!hpda!hplabs!sri-unix!dbj.rice@Rand-Relay
Newsgroups: net.unix-wizards
Title: Re: Questions about nil-pointer dereferences (the "plague")
Article-I.D.: sri-arpa.746
Posted: Fri Mar 4 19:05:09 1983
Received: Fri Apr 1 05:52:08 1983

From: Dave Johnson

Many programs under Unix at least unknowingly use the fact that using a zero pointer as a "char *" will give you a null string. Although these are many times bugs which nobody has yet found, we have found in bringing up Phoenix under VMS that a large number of programs will break if there is not a null string at 0. The way this works on a VAX is that the entry point for crt0 contains a register save mask which specifies that no registers be saved. Since crt0 gets loaded at address 0, this results in a zero word at address zero, and thus, a null string at 0.

In answer to your question:

    What if I do "int *a = 0, *b = 0; *b = 10; i = *a;"? What is the value of i? Does this mean that assigning indirect through a nil pointer is deadly to the rest of your nil pointer derefs?

the result would be a Bus Error, since location zero is part of the text, rather than the data, and is thus write protected (except, of course, under the OMAGIC format where the result in "i" would be 10). I have not found any programs that try to write at address 0, but there certainly are those that rely on reading there.

Dave Johnson
Rice University
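Added example, not part of the original post: a toy C model of the process image the post describes, with crt0's zero register save mask at address 0 and text that is write protected unless the image is OMAGIC. The sizes, the return codes standing in for faults, and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* a.out magic numbers (octal): OMAGIC text is writable, the others are not. */
enum { OMAGIC = 0407, NMAGIC = 0410, ZMAGIC = 0413 };
enum { ACCESS_OK = 0, BUS_ERROR = 1 };      /* faults modelled as return codes */
enum { TEXT_SIZE = 64, MEM_SIZE = 128 };    /* constructed toy sizes */

struct image { int magic; uint8_t mem[MEM_SIZE]; };

/* Build the toy image: text occupies [0, TEXT_SIZE), data follows it. */
static void image_init(struct image *im, int magic) {
    im->magic = magic;
    memset(im->mem, 0xAA, MEM_SIZE);        /* filler standing in for code/data */
    im->mem[0] = 0; im->mem[1] = 0;         /* crt0 entry mask: save no registers */
}

static int store32(struct image *im, uint32_t addr, int32_t v) {
    if (addr > MEM_SIZE - 4) return BUS_ERROR;
    if (addr < TEXT_SIZE && im->magic != OMAGIC) return BUS_ERROR; /* read-only text */
    memcpy(&im->mem[addr], &v, 4);
    return ACCESS_OK;
}

static int load32(const struct image *im, uint32_t addr, int32_t *out) {
    if (addr > MEM_SIZE - 4) return BUS_ERROR;
    memcpy(out, &im->mem[addr], 4);         /* reads of text are permitted */
    return ACCESS_OK;
}

/* The experiment from the post: int *a = 0, *b = 0; *b = 10; i = *a; */
static int nil_experiment(int magic, int32_t *i) {
    struct image im;
    image_init(&im, magic);
    int rc = store32(&im, 0, 10);           /* *b = 10 */
    return rc != ACCESS_OK ? rc : load32(&im, 0, i);   /* i = *a */
}

/* Length of the string a nil "char *" points at in an untouched image. */
static size_t nil_strlen(int magic) {
    struct image im;
    image_init(&im, magic);
    return strlen((const char *)im.mem);
}

int main(void) {
    int32_t i = -1;
    int rc = nil_experiment(ZMAGIC, &i);
    printf("ZMAGIC: rc=%d i=%d strlen(0)=%zu\n", rc, (int)i, nil_strlen(ZMAGIC));
    rc = nil_experiment(OMAGIC, &i);
    printf("OMAGIC: rc=%d i=%d\n", rc, (int)i);
    return 0;
}
```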