This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/10818] New: printf("%s\n", NULL) segfaults


[kir@kir ~]$ cat null.c 
#include <stdio.h>

int main(void) {
	fprintf(stdout, "%s\n", NULL);
	printf("%s%s\n", NULL, NULL);
	printf("%s", NULL);
	printf("\n-newline-\n");
	printf("%s\n", NULL);
	return 0;
}
[kir@kir ~]$ gcc null.c
[kir@kir ~]$ ./a.out 
(null)
(null)(null)
(null)
-newline-
Segmentation fault

Note that only printf with "%s\n" segfaults, while others are fine.

This is because 
(1) call to printf("%s\n", str) is optimized to puts(str)
(2) puts(str) calls strlen(str)
(3) strlen(NULL) segfaults

System info:

$ rpm -q fedora-release gcc glibc
fedora-release-10-1.noarch
gcc-4.3.2-7.x86_64
glibc-2.9-3.i686
glibc-2.9-3.x86_64

PS
I discovered this bug when trying to do something like this:

	/* This should return NULL -- buflen is not big enough */
	printf("%s\n", inet_ntop(AF_INET, &in, buf, 2));

and got SIGSEGV instead of (null) being printed.

-- 
           Summary: printf("%s\n", NULL) segfaults
           Product: glibc
           Version: 2.9
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: kir at sacred dot ru
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=10818
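
A caller-side guard for the inet_ntop case in the report, as an added example that is not part of the original message: the NULL return is checked before it reaches printf, so the argument is valid whether the call is compiled as printf or as puts. The helper names str_or and ipv4_to_text, the "(invalid)" placeholder and the sample address are assumptions made for this example.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: map a NULL string to a printable placeholder so the
 * argument is valid for both printf("%s") and puts(). */
static const char *str_or(const char *s, const char *fallback)
{
    return s != NULL ? s : fallback;
}

/* Hypothetical helper: format an IPv4 address into buf.
 * Returns 0 on success, otherwise the errno set by inet_ntop.
 * *out always points at a valid string, so callers can print it as-is. */
static int ipv4_to_text(const struct in_addr *in, char *buf, size_t len,
                        const char **out)
{
    errno = 0;
    const char *s = inet_ntop(AF_INET, in, buf, (socklen_t)len);
    int err = (s == NULL) ? errno : 0;
    *out = str_or(s, "(invalid)");
    return err;
}

int main(void)
{
    struct in_addr in;
    char small[2], big[INET_ADDRSTRLEN];
    const char *text;

    inet_pton(AF_INET, "192.0.2.1", &in);   /* constructed sample address */

    /* A 2-byte buffer is too small: inet_ntop returns NULL (ENOSPC). */
    int err = ipv4_to_text(&in, small, sizeof small, &text);
    printf("%s\n", text);                   /* never NULL at this point */
    if (err != 0)
        fprintf(stderr, "inet_ntop: %s\n", strerror(err));

    /* A buffer of INET_ADDRSTRLEN bytes is large enough. */
    err = ipv4_to_text(&in, big, sizeof big, &text);
    printf("%s\n", text);
    return err;
}
```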


