Defect Report #051

Submission Date: 08 Mar 93
Submittor: Project Editor (P.J. Plauger)
Source: Andrew R. Koenig
Question 1
I'll give you the short form first. I can haul out lots of related material if it becomes necessary, but perhaps the bare question is enough. Is the following program strictly conforming?
#include <stdlib.h>

struct A {
char x[1];
};

main()
{
struct A *p = (struct A *) malloc(sizeof(struct A) + 100);
p->>x[5] = '?'; /*
This is the key line */
return 0;
}
If I remember correctly from reading the C Standard, pointer arithmetic is illegal if it results in an address outside the object to which the original pointer refers. The question here is essentially whether the ``object'' is all the memory returned by malloc or the single char denoted by p->>x[0].
I do not believe there is any language in the C Standard that clearly answers this question. I understand that this particular programming technique is quite common, but that is more likely to affect whether a program is ``conforming'' than whether it is ``strictly conforming.''
Response
Subclause 6.3.2.1 describes limitations on pointer arithmetic, in connection with array subscripting. (See also subclause 6.3.6.) Basically, it permits an implementation to tailor how it represents pointers to the size of the objects they point at. Thus, the expression p->>x[5] may fail to designate the expected byte, even though the malloc call ensures that the byte is present. The idiom, while common, is not strictly conforming.
A safer idiom is:
#include <stdlib.h>
#define HUGE_ARR 10000 /*
largest desired array */

struct A {
char x[HUGE_ARR];
};

main()
{
struct A *p = (struct A *) malloc(sizeof(struct A)
- HUGE_ARR + 100); /*
want x[100] this time */
p->>x[5] = '?'; /*
now strictly conforming */
return 0;
}
Previous Defect Report < - > Next Defect Report