[Png-mng-security] potentially serious memory handling error in libpng
Greg Roelofs
newt at pobox.com
Thu Feb 5 17:57:42 UTC 2009
>> Googling for "memset null pointer" turns up a lot of flame wars and pretty much
>> agreement that the NULL pointer does not have to be all zeroes. However, no
>> one seems to be able to provide an example. Therefore in the above I would
>> leave PNG_MEMSET_POINTERS_IS_UNSAFE undefined by default.
> Don't the C and C++ specifications specify the value for NULL? I have
> only seen mention of "0" or "(void *) 0".
I don't have the spec, but the K&R wording is that the literal integer 0
is equivalent to a NULL pointer only via cast, assignment, or comparison.
Direct memory access is none of those things.
> My own software (and most other software) would fail to work if NULL
> was not also zero and I have never seen such a failure.
The entire planet's software would fail if compilers used a different
representation for NULL; we don't need to worry about it in practice.
(And just say "no" to more ifdefs. Yeesh.)
Greg
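The distinction drawn in the message above, between a null pointer obtained by assignment and one obtained by writing zero bytes into memory, shown as an added example (not part of the original message and not libpng code). The struct and function names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a library structure that holds pointers. */
struct demo_info {
    unsigned char *row_buf;
    char *text;
    void (*error_fn)(const char *);
    int width;
};

/* Direct memory access: yields null pointers only where the null
 * representation happens to be all-bits-zero. */
void init_by_memset(struct demo_info *info)
{
    memset(info, 0, sizeof *info);
}

/* Assignment: a static object's pointer members are initialized to null
 * pointers by the language, whatever their bit pattern is. */
void init_by_assignment(struct demo_info *info)
{
    static const struct demo_info blank = {0};
    *info = blank;
}

/* Comparison with NULL: the portable way to test the result. */
int pointers_are_null(const struct demo_info *info)
{
    return info->row_buf == NULL && info->text == NULL && info->error_fn == NULL;
}

static int all_zero_bytes(const void *obj, size_t n)
{
    const unsigned char *b = obj;
    for (size_t i = 0; i < n; i++)
        if (b[i] != 0) return 0;
    return 1;
}

/* Returns 1 if, on this platform, properly assigned null pointers are
 * stored as all zero bytes (the assumption memset-based init relies on). */
int null_rep_is_all_zero(void)
{
    struct demo_info d;
    init_by_assignment(&d);
    return all_zero_bytes(&d.row_buf, sizeof d.row_buf)
        && all_zero_bytes(&d.text, sizeof d.text)
        && all_zero_bytes(&d.error_fn, sizeof d.error_fn);
}
```
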