Message 129172 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	belopolsky, georg.brandl, jcea, lemburg, mark.dickinson, ncoghlan, pitrou
Date	2011-02-23.11:16:50
SpamBayes Score	6.5842585e-09
Marked as misclassified	No
Message-id	<1298459807.3710.15.camel@localhost.localdomain>
In-reply-to	<4D64E85A.90908@egenix.com>

Content
> PyUnicode_Decode() et al. are conversion functions and these > require valid content to work on. Passing in a NULL pointer > does not fit that specification and so allowing for this > would hide programming errors. "Valid content" doesn't mean a lot when the length is 0. What is a valid 0-length string compared to an invalid one? What if the pointer is non-NULL but segfaults when trying to dereference it? Is it "valid"? Moreover, malloc() is allowed by POSIX to return NULL when called with a 0 length: If size is 0, either a null pointer or a unique pointer that can be successfully passed to free() shall be returned. (http://www.opengroup.org/onlinepubs/007904875/functions/malloc.html) ... which means that such a pointer can then, depending on the platform, get passed (legitimately) to PyUnicode_Decode(). So, IMO, practicality beats purity here. Especially since it is bound to land in a bugfix release (3.2.1), which users don't expect to produce regressions in their own code. OTOH, I agree that a NULL pointer combined with non-0 length could produce an explicit error.

> PyUnicode_Decode() et al. are conversion functions and these
> require valid content to work on. Passing in a NULL pointer
> does not fit that specification and so allowing for this
> would hide programming errors.

"Valid content" doesn't mean a lot when the length is 0.
What is a valid 0-length string compared to an invalid one?
What if the pointer is non-NULL but segfaults when trying to dereference
it? Is it "valid"?

Moreover, malloc() is allowed by POSIX to return NULL when called with a
0 length:

        If size is 0, either a null pointer or a unique pointer that can
        be successfully passed to free() shall be returned.

(http://www.opengroup.org/onlinepubs/007904875/functions/malloc.html)

... which means that such a pointer can then, depending on the platform,
get passed (legitimately) to PyUnicode_Decode().

So, IMO, practicality beats purity here. Especially since it is bound to
land in a bugfix release (3.2.1), which users don't expect to produce
regressions in their own code.

OTOH, I agree that a NULL pointer combined with non-0 length could
produce an explicit error.

History
Date	User	Action	Args
2011-02-23 11:16:51	pitrou	set	recipients: + pitrou, lemburg, georg.brandl, jcea, mark.dickinson, ncoghlan, belopolsky
2011-02-23 11:16:50	pitrou	link	issue11286 messages
2011-02-23 11:16:50	pitrou	create