Defect Report #054
Submission Date: 01 Apr 93
Submittor: Project Editor (P.J. Plauger)
Source: Larry Jones
Are the string handling functions defined in subclause 7.11 that have
an explicit length specification (memcpy, memmove, strncpy,
strncat, memcmp, strncmp, strxfrm, memchr,
and memset) well-defined when the length is specified as zero?
Taking memcpy as an example, the description in subclause 126.96.36.199
The memcpy function copies n characters from the
object pointed to by s2 into the object pointed to by s1.
If copying takes place between objects that overlap, the behavior
The response to Defect Report #042 Question 1 indicates that:
... the ``objects'' referred to by subclause 188.8.131.52
are exactly the regions of data storage pointed to by the pointers
and dynamically determined to be of N bytes in length (i.e.
treated as an array of N elements of character type).
Since, by definition, objects consist of at least one byte, this would
imply that s1 and s2 are not pointing to objects when
N is zero and thus are outside the domain of the function leading
to undefined behavior.
I do not recall whether this was the Committee's intent or not, but
it would seem that some clarification is in order.
Add to subclause 7.11.1, page 162:
Where an argument declared as size_t n specifies the length
of the array for a function, n can have the value zero on a
call to that function. Unless explicitly stated otherwise in the description
of a particular function in this subclause, pointer arguments on such
a call must still have valid values, as described in subclause 7.1.7.
On such a call, a function that locates a character finds no occurrence,
a function that compares two character sequences returns zero, and
a function that copies characters copies zero characters.
Previous Defect Report
< - >
Next Defect Report