iceoryx
iceoryx copied to clipboard
`rp::RelativePointer::get()` does not check for `nullptr` before access
Required information
Operating system: Ubuntu 20.04.3 LTS
Compiler version: GCC 8.4.0
Observed result or behaviour:
Accessing an empty RelativePointer
leads to a crash
Expected result or behaviour:
Accessing an empty RelativePointer
shall lead to a fatal error (defined behaviour)
Conditions where it occurred / Performed steps:
Call RelativePointer::get()
on empty object
@mossmaurice @elBoberido @MatthiasKillat @FerdinandSpitzschnueffler sorry but I reopened it.
Please correct me if I am wrong but a relative pointer:
- is a low level abstraction for a C pointer
- should behave exactly like a C pointer
-
nullptr
is a valid value of a C pointer, it is like that the number 0 is a valid value for anint
The description is in my opinion also misleading:
Accessing an empty RelativePointer leads to a crash
. No it does not. When accessing a relative pointer which contains nullptr
with RelativePointer::get()
we just get the nullptr
.
I would propose (and also implement) the following solution.
-
nullptr
is an allowed and normal value forRelativePointer
-
RelativePointer::get()
can return anullptr
-
operator->()
will always terminate when the relative pointer contains anullptr
. The reason is that when one accesses anullptr
viaoperator->()
most compilers will either segfault or have undefined behavior and here I would just enforce that we really segfault.
@mossmaurice @elBoberido @MatthiasKillat @FerdinandSpitzschnueffler sorry but I reopened it.
Please correct me if I am wrong but a relative pointer:
- is a low level abstraction for a C pointer
- should behave exactly like a C pointer
nullptr
is a valid value of a C pointer, it is like that the number 0 is a valid value for anint
The description is in my opinion also misleading:
Accessing an empty RelativePointer leads to a crash
. No it does not. When accessing a relative pointer which containsnullptr
withRelativePointer::get()
we just get thenullptr
.I would propose (and also implement) the following solution.
nullptr
is an allowed and normal value forRelativePointer
RelativePointer::get()
can return anullptr
operator->()
will always terminate when the relative pointer contains anullptr
. The reason is that when one accesses anullptr
viaoperator->()
most compilers will either segfault or have undefined behavior and here I would just enforce that we really segfault.
Agree. I think we merged the PR too hasty.
@elfenpiff
RelativePointer::get()
can return anullptr
operator->()
will always terminate when the relative pointer contains anullptr
. The reason is that when one accesses anullptr
viaoperator->()
most compilers will either segfault or have undefined behavior and here I would just enforce that we really segfault.
Good point :+1: thanks! It's fixed on #1599