Invalid Pointers (was Re: Referencing NULL pointers)

Barry Shein bzs at bu-cs.BU.EDU
Sat Jul 22 02:34:06 AEST 1989


>In article <34785 at bu-cs.BU.EDU> bzs at bu-cs.BU.EDU (Barry Shein) writes:
>>A perfectly good solution is:
>>
>>	struct foobar no_foobar;
>>	#define NO_FOOBAR (&no_foobar)
>>
>>being as no_foobar will be the only thing assigned this address it is
>>unique and solves your problem.
>
>struct foobar no_foobar;
>#define NO_FOOBAR (&no_foobar)
>struct foobar foo_array[50];
>struct foobar *ptr;
>
>...
>
>ptr = &foo_array[0];
>ptr = ptr - 1;
>
>Now, the last line above is obviously not something that should be
>encouraged :-), but fencepost errors of that type happen commonly
>inside loops et al.  You can't assume that just because you've
>allocated a particular spot in memory be declaring a variable to sit
>in that spot, nothing else will ever try to access that spot.
>
>The already-mentioned assignment of NO_FOOBAR to 0 is a better
>solution.
>
>Jonathan Kamens			              USnail:

The issue is a *unique* spot to test against versus one which is
guaranteed to cause a core dump or some other fault, perhaps. Although
in theory a pointer of zero should cause some sort of fault we all
should know by now that some of the most popular unix platforms will
treat it as legally as any other address, does the person want the
theoretical answer or one which will work for his/her software on a
variety of platforms? In fact as I remember this is exactly what the
original question was alluding to, he was well aware of using a zero
pointer but felt he needed some alternative (he was using -1.)

Some people suggested just calling malloc(n) and using that and that
indeed is equivalent to my suggestion other than set-up costs (why not
just set it up statically at load time?) The advantage to this sort of
approach is you can have more than one of them (eg. to be able to type
the invalid pointer.)

I believe the only sure way to get a pointer which is guaranteed to
cause a fault on a wide variety of platforms if de-referenced is going
to involve machine-dependent ifdef's in a header, it will vary from
machine to machine.

Obvious attacks are 0 on many (but not all) systems, a pointer into
text space on others (eg. the address of a function), even that
depends on certain load options being used but we'll assume that's
under control of the author, setting some magic bit (eg. pointing into
the wrong P space on a VAX), others?

In fact on some machines there may be no pointer guaranteed to produce
a fault when dereferenced (at least not without changing the operating
system which I am sure someone here will suggest as a counter-example,
wrongo, not w/in the stated constraints.) I believe an example of that
would be a PDP-11 with separate I&D space and all data space (64K)
legally allocated, NOT an unusual situation (tho PDP-11s are somewhat
unusual in this day and age.) The S/370 using 24 bit addressing may be
another example depending on the host O/S, same for a '286? (not
exactly rare and peculiar machines.) Trying to write into the space of
course makes the problem easier, but most would like an address which
faults if read (can't just destroy memory to see if a pointer is
valid.)

It's an interesting question and repeating zero adds nothing.


-- 
	-Barry Shein

Software Tool & Die, Purveyors to the Trade
1330 Beacon Street, Brookline, MA 02146, (617) 739-0202
Internet: bzs at skuld.std.com
UUCP:     encore!xylogics!skuld!bzs or uunet!skuld!bzs



More information about the Comp.unix.wizards mailing list