On 06/07/2021 23:11, Florian Weimer wrote:
> * Jonny Grant:
>
>> The reason it does not crash appears to be because of this warning
>> which removes the call to strlen due to the return not being
>> checked?
>
> GCC uses the information that the argument to strlen cannot be null on
> that particular path.
It's a shame GCC doesn't give a warning
It may be GCC is using '__builtin_strlen'
<string.h> marks the param as nonnull. However, I am surprised this does not trigger the GCC warning -Werror=nonnull
/* Return the length of S. */
extern size_t strlen (const char *__s)
__THROW __attribute_pure__ __nonnull ((1));
Perhaps that is just a macro that is not actually used......
If I add another function -Werror=nonnull does give a warning
void test(const char * const p) __attribute__((nonnull));
https://godbolt.org/z/x37sbfWaG
<source>:15:9: error: argument 1 null where non-null expected [-Werror=nonnull]
15 | test(NULL);
>
>> strlen.c:11:3: warning: statement with no effect [-Wunused-value]
>> 11 | strlen (str);
>> | ^~~~~~~~~~~~
>>
>> https://godbolt.org/z/caoes5nGa
>
> That site probably uses different library headers.
>
> As posted, with Debian's GCC 8.3, I get this for the main function:
>
> main:
> xorl %eax, %eax
> ret
>
In that case maybe https://man7.org/linux/man-pages/man3/strlen.3.html should have a "NOTES" section stating something similar to your wording ?
NOTES
The behavior of strlen(NULL) is depends on different things. It may cause a SEGV exception, or the compiler may optimize and remove the code path handling NULL.
Cheers, Jonny
