
How many "mature C programs" try to recover in a usable way when malloc() returns NULL? That's a crash - a well-behaved one (no UB involved) hence not one that would be sought by most attackers other than a mere denial of service - but still a crash.


On 64-bit systems (esp Linux ones) malloc almost never returns NULL but keeps overallocating (aka overcommitting). You don't get out of memory errors / kills until you access it.


Exactly. Also, it is extremely rare.


> when malloc() returns NULL? That's a crash - a well-behaved one (no UB involved)

Wrong, dereferencing a NULL pointer is UB.


Which on UNIXes is a crash because the zero page is unmapped so you get a SIGSEGV.


Unless the compiler optimized the access away, or replaced it with a different address.
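An added example, not part of the thread above: because overcommit makes a NULL return from malloc() rare, the failure path is seldom exercised, so this sketch routes allocation through a hook and forces the failure in a test. Every pointer is checked before it is dereferenced, so no path relies on a NULL access faulting. The names `alloc_fn`, `failing_malloc`, `record_init` and `init_with_budget` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Allocator hook (hypothetical): lets a test force the NULL path that
   overcommit makes nearly unreachable with the real malloc(). */
typedef void *(*alloc_fn)(size_t);

static size_t allocs_left;            /* budget for the fault-injecting stub */
static void *failing_malloc(size_t n) {
    if (allocs_left == 0) return NULL;   /* simulated out-of-memory */
    allocs_left--;
    return malloc(n);
}

struct record { char *name; uint32_t *values; size_t count; };

/* Returns 0 on success, -1 on allocation failure or size overflow.
   On failure *out stays zeroed and nothing is leaked. */
static int record_init(struct record *out, const char *name,
                       size_t count, alloc_fn alloc) {
    memset(out, 0, sizeof *out);
    if (count > SIZE_MAX / sizeof *out->values) return -1;  /* count*size wraps */
    size_t name_len = strlen(name) + 1;
    char *n = alloc(name_len);
    if (n == NULL) return -1;
    uint32_t *v = alloc(count * sizeof *v);
    if (v == NULL && count != 0) { free(n); return -1; }    /* undo first alloc */
    memcpy(n, name, name_len);
    if (count != 0) memset(v, 0, count * sizeof *v);
    out->name = n; out->values = v; out->count = count;
    return 0;
}

static void record_free(struct record *r) { free(r->name); free(r->values); memset(r, 0, sizeof *r); }

/* Runs record_init with only `budget` successful allocations allowed. */
static int init_with_budget(struct record *r, size_t budget) {
    allocs_left = budget;
    return record_init(r, "demo", 16, failing_malloc);   /* constructed input */
}

int main(void) {
    struct record r;
    for (size_t b = 0; b <= 2; b++)       /* fail 1st alloc, fail 2nd, succeed */
        if (init_with_budget(&r, b) == 0) record_free(&r);
    return 0;
}
```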



