Ticket #35 (closed bug: wontfix)

Opened 5 months ago

Last modified 1 month ago

qsort() pointer overflow

Reported by: solar Assigned to: solar
Milestone: v0.5 Version: 0.4.1
Keywords: Cc:

Description

Should the to-be-sorted sequence be located at the very top of addressable space, the 'limit' pointer used by qsort() would overflow (see source):

char * limit = base_ + nmemb * size;

Thanks to Brian Damgaard for pointing this out.

Change History

03/09/10 11:52:46 changed by solar

  • status changed from new to assigned.

07/01/10 14:13:56 changed by solar

  • status changed from assigned to closed.
  • resolution set to wontfix.

C99 explicitly allows for a pointer to point one element beyond the end of an array.

As such, C99 *forbids* an array to be located at the very top of the addressable space (as it couldn't guarantee the pointer beyond the end to work in this case).

I originally intended to write my library in a way that all these "undefined" corner cases are caught and handled somehow, ideally with a meaningful error message. During implementation of Standard I/O, I came to realize this was highly impractical, if at all possible. As such, I close this bug as "wontfix". That doesn't mean I will not return one day and figure out a good way to handle the condition, just that I won't do so now.
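The condition discussed in this ticket can be expressed as an explicit pre-check. The following is an added example, not code from the library or from the ticket's participants; the names `check_range`, `check_sort_range` and the `range_status` codes are hypothetical. It assumes a flat address space in which `uintptr_t` arithmetic mirrors pointer arithmetic, which C99 does not guarantee.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result codes for this example. */
enum range_status { RANGE_OK = 0, RANGE_SIZE_OVERFLOW = 1, RANGE_ADDR_WRAP = 2 };

/* Core check on integer addresses, so it can be exercised with constructed
 * values. Assumption: flat address space, uintptr_t mirrors pointer math. */
static enum range_status check_range(uintptr_t base, size_t nmemb, size_t size)
{
    /* nmemb * size must fit in size_t, otherwise the byte count itself wraps
     * before it is ever added to the base pointer. */
    if (size != 0 && nmemb > SIZE_MAX / size)
        return RANGE_SIZE_OVERFLOW;
    size_t total = nmemb * size;

    /* base + total is the one-past-the-end address ('limit' in the ticket).
     * It must be representable without wrapping past the top of the space. */
    if (total > UINTPTR_MAX - base)
        return RANGE_ADDR_WRAP;
    return RANGE_OK;
}

/* Wrapper with qsort()-style arguments. The pointer-to-integer conversion is
 * implementation-defined; nothing is dereferenced. */
static enum range_status check_sort_range(const void *base, size_t nmemb, size_t size)
{
    return check_range((uintptr_t)base, nmemb, size);
}

int main(void)
{
    int data[4] = { 3, 1, 4, 1 };
    printf("real array:        %d\n", check_sort_range(data, 4, sizeof data[0]));
    /* Constructed address: 16 bytes below the top, so base + 16 wraps to 0. */
    printf("top of space:      %d\n", check_range(UINTPTR_MAX - 15, 4, 4));
    /* Constructed address one byte lower: one-past-the-end is still valid. */
    printf("just below top:    %d\n", check_range(UINTPTR_MAX - 16, 4, 4));
    /* Element count whose byte size does not fit in size_t. */
    printf("size overflow:     %d\n", check_range(0x1000, SIZE_MAX, 2));
    return 0;
}
```
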