This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/12547] New: realloc(p, 0) violates C99
- From: "msebor at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Sun, 6 Mar 2011 22:48:35 +0000
- Subject: [Bug libc/12547] New: realloc(p, 0) violates C99
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=12547
Summary: realloc(p, 0) violates C99
Product: glibc
Version: 2.13
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper.fsp@gmail.com
ReportedBy: msebor@gmail.com
The C99 standard specifies that an implementation may return NULL from a call
to realloc(p, 0). However, in such a case a conforming implementation must
avoid freeing the space pointed to by p and a program must call free(p). The
test case below shows that glibc violates this C99 requirement, causing a
program to free the space twice. Note that this C99 requirement to avoid
freeing the pointer is in contrast to POSIX -- see the discussion on the
austin-group-l list starting with this post:
https://www.opengroup.org/sophocles/show_mail.tpl?CALLER=show_archive.tpl&source=L&listname=austin-group-l&id=15252
$ cat <<EOF | gcc -xc - && ./a.out
#include <stdlib.h>
int main(void) {
    void *p, *q;
    p = malloc(1);
    q = realloc(p, 0);
    if (p && !q)
        free(p);
    return 0;
}
EOF
*** glibc detected *** double free or corruption (fasttop): 0x0000000000501010 ***
Aborted
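An added example, not part of the original report or of glibc: a hypothetical wrapper, resize_buf, that keeps callers independent of the realloc(p, 0) behaviour described in the report by never passing a zero size to realloc. With it, a failure return always means the old block is still owned by the caller, and a zero-size request leaves no stale pointer behind for a second free.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (name and signature are assumptions of this example).
 * Resize *pp to n bytes without ever calling realloc(p, 0).
 * Returns 0 on success, -1 on failure.
 * On success with n == 0 the block is freed and *pp is set to NULL.
 * On failure *pp is untouched and still owned by the caller. */
int resize_buf(void **pp, size_t n)
{
    if (pp == NULL)
        return -1;
    if (n == 0) {
        free(*pp);      /* free(NULL) is a no-op */
        *pp = NULL;     /* nothing left for a later free() to hit twice */
        return 0;
    }
    void *q = realloc(*pp, n);
    if (q == NULL)
        return -1;      /* n > 0, so the old block is still valid */
    *pp = q;
    return 0;
}

/* Constructed demo: grow, check contents survive, shrink to zero,
 * then free again. Returns 0 when every step behaves as documented. */
int demo(void)
{
    void *p = NULL;
    if (resize_buf(&p, 16) != 0 || p == NULL) return 1;
    memset(p, 0xAA, 16);
    if (resize_buf(&p, 64) != 0 || p == NULL) return 2;
    if (((unsigned char *)p)[15] != 0xAA) return 3;
    if (resize_buf(&p, 0) != 0 || p != NULL) return 4;
    free(p);            /* safe on any implementation: p is NULL */
    return 0;
}

int main(void) { return demo(); }
```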