diff options
author | Paul Eggert <eggert@cs.ucla.edu> | 2021-04-11 19:06:00 -0700 |
---|---|---|
committer | Paul Eggert <eggert@cs.ucla.edu> | 2021-04-13 12:17:56 -0700 |
commit | bdc674d97ba8b59e22b1f45fa1a37862764fcc75 (patch) | |
tree | 66b8438f974eb3910663d1a0f047f256de376f50 /manual/stdio.texi | |
parent | cedbf6d5f3f70ca911176de87d6e453eeab4b7a1 (diff) | |
download | glibc-bdc674d97ba8b59e22b1f45fa1a37862764fcc75.tar.gz glibc-bdc674d97ba8b59e22b1f45fa1a37862764fcc75.tar.xz glibc-bdc674d97ba8b59e22b1f45fa1a37862764fcc75.zip |
Improve documentation for malloc etc. (BZ#27719)
Cover key corner cases (e.g., whether errno is set) that are well settled in glibc, fix some examples to avoid integer overflow, and update some other dated examples (code needed for K&R C, e.g.). * manual/charset.texi (Non-reentrant String Conversion): * manual/filesys.texi (Symbolic Links): * manual/memory.texi (Allocating Cleared Space): * manual/socket.texi (Host Names): * manual/string.texi (Concatenating Strings): * manual/users.texi (Setting Groups): Use reallocarray instead of realloc, to avoid integer overflow issues. * manual/filesys.texi (Scanning Directory Content): * manual/memory.texi (The GNU Allocator, Hooks for Malloc): * manual/tunables.texi: Use code font for 'malloc' instead of roman font. (Symbolic Links): Don't assume readlink return value fits in 'int'. * manual/memory.texi (Memory Allocation and C, Basic Allocation) (Malloc Examples, Alloca Example): * manual/stdio.texi (Formatted Output Functions): * manual/string.texi (Concatenating Strings, Collation Functions): Omit pointer casts that are needed only in ancient K&R C. * manual/memory.texi (Basic Allocation): Say that malloc sets errno on failure. Say "convert" rather than "cast", since casts are no longer needed. * manual/memory.texi (Basic Allocation): * manual/string.texi (Concatenating Strings): In examples, use C99 declarations after statements for brevity. * manual/memory.texi (Malloc Examples): Add portability notes for malloc (0), errno setting, and PTRDIFF_MAX. (Changing Block Size): Say that realloc (p, 0) acts like (p ? (free (p), NULL) : malloc (0)). Add xreallocarray example, since other examples can use it. Add portability notes for realloc (0, 0), realloc (p, 0), PTRDIFF_MAX, and improve notes for reallocating to the same size. (Allocating Cleared Space): Reword now-confusing discussion about replacement, and xref "Replacing malloc". * manual/stdio.texi (Formatted Output Functions): Don't assume message size fits in 'int'. * manual/string.texi (Concatenating Strings): Fix undefined behavior involving arithmetic on a freed pointer.
Diffstat (limited to 'manual/stdio.texi')
-rw-r--r-- | manual/stdio.texi | 30 |
1 files changed, 14 insertions, 16 deletions
diff --git a/manual/stdio.texi b/manual/stdio.texi index 6ff1806281..fd7ed0cedc 100644 --- a/manual/stdio.texi +++ b/manual/stdio.texi @@ -2428,31 +2428,29 @@ string. Here is an example of doing this: char * make_message (char *name, char *value) @{ - /* @r{Guess we need no more than 100 chars of space.} */ - int size = 100; - char *buffer = (char *) xmalloc (size); - int nchars; + /* @r{Guess we need no more than 100 bytes of space.} */ + size_t size = 100; + char *buffer = xmalloc (size); @end group @group - if (buffer == NULL) - return NULL; - /* @r{Try to print in the allocated space.} */ - nchars = snprintf (buffer, size, "value of %s is %s", - name, value); + int buflen = snprintf (buffer, size, "value of %s is %s", + name, value); + if (! (0 <= buflen && buflen < SIZE_MAX)) + fatal ("integer overflow"); @end group @group - if (nchars >= size) + if (buflen >= size) @{ /* @r{Reallocate buffer now that we know how much space is needed.} */ - size = nchars + 1; - buffer = (char *) xrealloc (buffer, size); + size = buflen; + size++; + buffer = xrealloc (buffer, size); - if (buffer != NULL) - /* @r{Try again.} */ - snprintf (buffer, size, "value of %s is %s", - name, value); + /* @r{Try again.} */ + snprintf (buffer, size, "value of %s is %s", + name, value); @} /* @r{The last call worked, return the string.} */ return buffer; |