From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 1014db,df854b5838c3e14
X-Google-Attributes: gid1014db,public
X-Google-Thread: 103376,df854b5838c3e14
X-Google-Attributes: gid103376,public
X-Google-Thread: 109fba,df854b5838c3e14
X-Google-Attributes: gid109fba,public
X-Google-Thread: 10db24,fec75f150a0d78f5
X-Google-Attributes: gid10db24,public
From: c2a192@ugrad.cs.ubc.ca (Kazimir Kylheku)
Subject: Re: ANSI C and POSIX (was Re: C/C++ knocks the crap out of Ada)
Date: 1996/04/08
Message-ID: <4kbuebINNrho@keats.ugrad.cs.ubc.ca>#1/1
X-Deja-AN: 146433682
references: <JSA.96Feb16135027@organon.com> <dewar.828936837@schonberg>
 <828964950snz@genesis.demon.co.uk> <dewar.828987544@schonberg>
organization: Computer Science, University of B.C., Vancouver, B.C., Canada
newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++,comp.edu
Date: 1996-04-08T00:00:00+00:00
List-Id: <comp.lang.ada>

In article <dewar.828987544@schonberg>, Robert Dewar <dewar@cs.nyu.edu> wrote:
 >With respect to read (Linux unusual behavior), Lawrence said
 >
 >"Both approaches meet the relevant standards and are correct. Only broken
 >code has portability problems, but that's nothing new."
 >
 >Can you quote the relevant standard. No description of read I ever saw
 >was detailed or precise enough to say what the requirements on the caller
 >are.
 >
 >Lots of code is portable and broken, lots of code is (deliberately)
 >non-portable and definitely not broken. Lots of code is carefully
 >written to be portable, but runs into bugs in supposedly conforming
 >implementations. Lots of code uses features that are useful, but for
 >which no standard exists, and hence may run into portability problems.

In this case, it is safe to assume that the caller of read() had better not lie
to the system call. The buffer size is the de-facto ``advertized'' buffer size,
and all of the buffer up to the given size should be backed by valid storage.

It would not even occur to me to advertize a buffer of size N, but pass a
pointer to a buffer of size M < N to the POSIX read() function, or in any way
rely on the nature of the checking done by the kernel.

This is so deeply entrenched in the realm of common sense that it isn't even
worth mentioning in a standard document! Nevertheless, I have access to the
POSIX.1 standard and will look into this.
--