It appears compilers/C libraries behave unpredictably when given a format string with %s and a NULL or 0 value as the argument.
This segfaults with gcc/glibc:
#include <stdio.h>
int main() {
    /* gcc rewrites printf("%s\n", s) into puts(s); puts(NULL) dereferences the pointer */
    printf("%s\n", NULL);
}
This does not:
#include <stdio.h>
int main() {
    /* the leading text keeps this a real printf call, which glibc handles without crashing */
    printf("test %s\n", NULL);
}
Probably both should be considered undefined. Yet, none of the sanitizers warn about this.
If this is invalid, I think it should be intercepted and trigger an error in ASAN. (Possibly debatable whether ASAN or UBSAN, but it's essentially an invalid pointer, so it's a memory/"address" issue.)
See also the discussion here: https://mastodon.social/@dalias@hachyderm.io/113300321719126989 (and the rest of the thread; it appears the first one crashes due to an optimization towards puts).
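Until a sanitizer intercepts this, the check has to live in the caller. Below is an added example (not code from the issue, the thread, or any sanitizer project) of a snprintf wrapper that walks the format string and va_list and refuses to call vsnprintf when a %s conversion receives a NULL argument. The name checked_snprintf, the -1 return convention and the policy of also rejecting %n and unknown directives are my assumptions. The walker must consume every earlier argument with its promoted type to reach the %s ones, which is why it handles width/precision `*`, the length modifiers and the floating-point conversions. Because the NULL check happens before any library call, the result no longer depends on whether the compiler rewrote the call to puts or left it to glibc's vfprintf (which prints "(null)" for a NULL %s argument).

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <wchar.h>

/* Walk fmt and consume ap in step with it. Returns 1 if every conversion is
 * understood and every %s / %ls argument is non-NULL, 0 otherwise.
 * The caller must pass a va_copy; ap is indeterminate afterwards. */
static int format_args_ok(const char *fmt, va_list ap) {
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        p++;
        if (*p == '%') continue;                       /* literal '%', no argument */
        while (*p && strchr("-+ #0'", *p)) p++;        /* flags */
        if (*p == '*') { (void)va_arg(ap, int); p++; } /* width taken from the arguments */
        else while (*p >= '0' && *p <= '9') p++;
        if (*p == '.') {                               /* precision */
            p++;
            if (*p == '*') { (void)va_arg(ap, int); p++; }
            else while (*p >= '0' && *p <= '9') p++;
        }
        /* length modifier: 0 none/int, 'l' long, 'L' long long (ll, j),
         * 'z' size_t, 't' ptrdiff_t, 'D' long double; h/hh are promoted to int */
        int len = 0;
        switch (*p) {
        case 'h': p++; if (*p == 'h') p++; break;
        case 'l': p++; if (*p == 'l') { p++; len = 'L'; } else len = 'l'; break;
        case 'j': p++; len = 'L'; break;
        case 'z': p++; len = 'z'; break;
        case 't': p++; len = 't'; break;
        case 'L': p++; len = 'D'; break;
        default: break;
        }
        switch (*p) {
        case 'd': case 'i': case 'o': case 'u': case 'x': case 'X':
            if (len == 'l') (void)va_arg(ap, long);
            else if (len == 'L') (void)va_arg(ap, long long);
            else if (len == 'z') (void)va_arg(ap, size_t);
            else if (len == 't') (void)va_arg(ap, ptrdiff_t);
            else (void)va_arg(ap, int);
            break;
        case 'c':
            if (len == 'l') (void)va_arg(ap, wint_t); else (void)va_arg(ap, int);
            break;
        case 'f': case 'F': case 'e': case 'E': case 'g': case 'G': case 'a': case 'A':
            if (len == 'D') (void)va_arg(ap, long double); else (void)va_arg(ap, double);
            break;
        case 'p': (void)va_arg(ap, void *); break;    /* NULL is fine here: %p prints it */
        case 's':                                     /* the case from the issue */
            if (len == 'l') { if (va_arg(ap, wchar_t *) == NULL) return 0; }
            else if (va_arg(ap, const char *) == NULL) return 0;
            break;
        case 'n': return 0;   /* writes through a pointer: refuse outright (assumed policy) */
        default:  return 0;   /* unknown or truncated directive: refuse rather than guess */
        }
    }
    return 1;
}

/* Like snprintf, but returns -1 (and stores an empty string when n > 0) instead of
 * reaching vsnprintf with a NULL %s argument or an unsupported directive. */
int checked_snprintf(char *buf, size_t n, const char *fmt, ...) {
    va_list ap, probe;
    int r = -1;
    va_start(ap, fmt);
    va_copy(probe, ap);           /* the walker consumes the copy, not the real list */
    int ok = format_args_ok(fmt, probe);
    va_end(probe);
    if (ok) r = vsnprintf(buf, n, fmt, ap);
    else if (n) buf[0] = '\0';
    va_end(ap);
    return r;
}

int main(void) {
    char buf[64];
    /* Both shapes from the issue are rejected the same way, before any libc call. */
    printf("%d\n", checked_snprintf(buf, sizeof buf, "%s\n", (char *)NULL));
    printf("%d\n", checked_snprintf(buf, sizeof buf, "test %s\n", (char *)NULL));
    printf("%d %s\n", checked_snprintf(buf, sizeof buf, "%-*.*s|%05ld|%%|%c", 6, 3, "hello", 42L, 'x'), buf);
    return 0;
}
```

The wrapper only guards the %s case the issue is about; it does not protect against a format string controlled by the attacker, which is a separate problem that a runtime check on the arguments cannot solve.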