Hi Alex, you wrote Sunday, July 25, 2021 10:25 PM: > Hi Stefan, > > On 7/12/21 11:07 AM, Stefan Kanthak wrote: >> Hi, >> >> the examples section of wcstok(3) shows the following code >> which exhibits undefined behaviour and typically segfaults: >> >> <https://man7.org/linux/man-pages/man3/wcstok.3.html#EXAMPLES> >> >> | wchar_t *wcs = ...; >> | wchar_t *token; >> | wchar_t *state; >> | for (token = wcstok(wcs, " \t\n", &state); >> | token != NULL; >> | token = wcstok(NULL, " \t\n", &state)) { >> | ... >> | } >> >> The string literal pointed to by wcs is read-only, and an >> attempt to modify a string literal results in undefined >> behaviour; wcstok() but writes NULs into its input string. >> >> FIX: replace the first line with either >> >> | wchar_t *wcs = strdup(...); >> >> or >> >> | wchar_t wcs[] = ...; > > That code is a bit unfortunate. Yes. > It is not a complete program, so it can be interpreted in different ways, > one of them the one you said, which results in UB. Correct: I interpret such snippets in their worst case and notice olny/first their vulnerabilities or UB. > I guess the intent of the code was that wcs was assigned a pointer to a > wchar_t * (not a literal), and therefore, it would be correct. Yes. > The code predates version control, so we'll never know... > > Would you mind sending a complete example? Just add a comment which tells that the string pointed to by wcs must not be a literal (or read-only). | wchar_t *wcs[] = ...; // must not point to a literal or read-only memory regards Stefan
