[Bug libstdc++/26458] Passing a NULL char* into output stream now breaks the output stream

["phil at mitre dot org" <gcc-bugzilla@gcc.gnu.org>]

------- Comment #2 from phil at mitre dot org  2006-02-24 18:45 -------
Subject: RE:  Passing a NULL char* into output stream now breaks the output
stream

Thanks for the quick response.  This came up when some old systems were
ported from Solaris using gcc-2.9.5 or so and out output files just
stopped growing.  Took a couple days of detailed debugging to track it
down to a low-level string class...

In any event, my experience is that developers tend not to assert the
status of the stream operators every time they use them, especially
output streams.  In general, with almost any output descriptor or
stream, you use it correctly or not to your peril, subject to core
dumps and the like.  However, this behavior seems to expect that all
developers will do the right thing and always check stream state after
each << use (never mind if you string several together).  But the
reason they got into this state to begin with is because they did
something wrong, sending NULL where they shouldn't, so how can you
expect, if they did that, that they would bother to check the ostream
operator.

So my feeling is that the effect of doing this should be one of the
following:

1. allow << for NULL of known type by doing nothing; if (NULL)
return...
2. seg fault for making an ostream deref a NULL 

Otherwise, there's great potential that the output stream (the data)
will become corrupted, even if you manage to check it state.  For
example:

cout << "hello " << val1 << " is " << val2 << " here today?" << endl;
assert(!cout.good());

It's almost impossible to determine, even if you know the state is bad,
how much data was successfully sent into the stream before it crapped
out.  On one level you're doing a nice thing by not crashing the
program, but on another it seems unlikely you'll be able to recover the
stream, by perhaps filling in missing pieces correctly, so you might as
well crash.

        Thanks again for the response...

                phil


Phil Brown
Lead Software Systems Engineer
Mitre CAASD
phil@mitre.org

Perception is nine-tenths of the flaw.


>-----Original Message-----
>From: pcarlini at suse dot de [mailto:gcc-bugzilla@gcc.gnu.org] 
>Sent: Friday, February 24, 2006 11:53 AM
>To: Brown, Phil
>Subject: [Bug libstdc++/26458] Passing a NULL char* into 
>output stream now breaks the output stream
>
>
>
>------- Comment #1 from pcarlini at suse dot de  2006-02-24 
>16:53 -------
>The change is certainly intended and the important point is 
>that is not true
>that there is no indication of the failure, quite to the 
>contrary the badbit is
>set. Try changing your test like this:
>
>  char *str = NULL;
>  cout << "Hello " << str;
>
>  assert( !cout.good() );
>  cout.clear();
>
>  cout << " there" << endl;
>
>  assert( cout.good() );
>
>  cout << "still dead?" << endl;
>
>  assert( cout.good() );
>
>
>-- 
>
>pcarlini at suse dot de changed:
>
>           What    |Removed                     |Added
>---------------------------------------------------------------
>-------------
>             Status|UNCONFIRMED                 |RESOLVED
>          Component|c++                         |libstdc++
>         Resolution|                            |INVALID
>
>
>http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26458
>
>------- You are receiving this mail because: -------
>You reported the bug, or are watching the reporter.
>


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26458