Saturday, 20 January 2018

Why is the SUN_LEN macro dereferencing NULL without an error?

I'm currently looking at a clang sanitizer error that tells me that I'm dereferencing a nullptr during the runtime of my program. Looking at the source of the problem, I got to the SUN_LEN macro in sys/un.h on Arch Linux which looks like this:

/* Structure describing the address of an AF_LOCAL (aka AF_UNIX) socket.  */
struct sockaddr_un
  {
    __SOCKADDR_COMMON (sun_);
    char sun_path[108];     /* Path name.  */
  };


#ifdef __USE_MISC
# include <string.h>        /* For prototype of `strlen'.  */

/* Evaluate to actual length of the `sockaddr_un' structure.  */
//                                                      vvv This is NULL?
# define SUN_LEN(ptr) ((size_t) (((struct sockaddr_un *) 0)->sun_path)        \
              + strlen ((ptr)->sun_path))
#endif

It seems this macro is always trying to access NULL, so the fault seems to be there. But I highly doubt this is a bug, as this macro is used everywhere and seems to work fine (besides the sanitizer warning), so I'm wondering why this is not crashing and why it's there in the first place?
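As an added example (not part of the original question), here is the same length computation written with `offsetof`, which asks the compiler for the byte offset of `sun_path` without spelling out a null-pointer member access, together with the bounds check that `SUN_LEN` itself never performs. It assumes a glibc system whose `sys/un.h` defines `struct sockaddr_un`; `sun_len_safe`, `make_unix_addr` and `sun_len_matches_macro` are names chosen here.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Same value SUN_LEN computes, but offsetof() is the standard way to get the
 * byte offset of sun_path, so no sanitizer complains about a NULL base. */
size_t sun_len_safe(const struct sockaddr_un *addr)
{
    return offsetof(struct sockaddr_un, sun_path) + strlen(addr->sun_path);
}

/* Fill a sockaddr_un for a filesystem socket path and return the length to
 * hand to bind()/connect(). Returns 0 when the path does not fit with its
 * terminating NUL: SUN_LEN/strlen would otherwise read past sun_path. */
size_t make_unix_addr(struct sockaddr_un *addr, const char *path)
{
    size_t n = strlen(path);
    if (n >= sizeof addr->sun_path)
        return 0;
    memset(addr, 0, sizeof *addr);     /* zero padding, NUL-terminated path */
    addr->sun_family = AF_UNIX;
    memcpy(addr->sun_path, path, n + 1);
    return sun_len_safe(addr);
}

/* Cross-check: the header's macro and the offsetof form agree on a
 * well-formed address (on builds where SUN_LEN is exposed). */
int sun_len_matches_macro(const struct sockaddr_un *addr)
{
#ifdef SUN_LEN
    return SUN_LEN(addr) == sun_len_safe(addr);
#else
    return 1;
#endif
}
```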
