c_new undefined behavior

[ethana56]

Hello,
It seems that the c_new macro invokes undefined behavior when malloc returns NULL because passing NULL to memcpy is undefined behavior.

[ethana56]

I also see similar code in cstr_reserve:

    if (cap > cstr_s_cap) {
        char* data = (char *)i_malloc(cap + 1);
        const isize len = cstr_s_size(self);
        /* copy full short buffer to emulate realloc() */
        c_memcpy(data, self->sml.data, c_sizeof self->sml);
        self->lon.data = data;
        self->lon.size = (size_t)len;
        cstr_l_set_cap(self, cap);
        return data;
    }
    return self->sml.data;

data might be NULL if i_malloc returns NULL, which will invoke undefined behavior. Should functions that call malloc check for NULL and return early with a return value of NULL or false?

[tylov]

Hi, yes return NULL for reserve and a few others. There is an accepted proposal to make this non-UB in C2y, but for now it should be fixed with a separate commented check which can be easily removed later. This issue also includes possible (NULL + 0) expressions to be UB.